go-gorm/gorm

Releases117

Frequency2 weeks 3 days

Last Release 8 months ago

Stars39.8K

The fantastic ORM library for Golang, aims to be developer friendly

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-15562 ↗	Aug 26, 2019Monday, 26 August 2019, 13:15	9.8 CRITICAL	7.5 HIGH
GORM before 1.9.10 allows SQL injection via incomplete parentheses. NOTE: Misusing Gorm by passing untrusted user input where Gorm expects trusted SQL fragments is a vulnerability in the application, not in Gorm