uptrace/bun

Releases1.15K

Frequency1 day 13 hours

Last Release 3 months ago

Stars4.85K

SQL-first Golang ORM

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-44906 ↗	Jun 12, 2025Thursday, 12 June 2025, 16:15	6.5 MEDIUM	—
uptrace pgdriver v1.2.1 was discovered to contain a SQL injection vulnerability via the appendArg function in /pgdriver/format.go. The maintainer has stated that the issue is fixed in v1.2.15.