CVE-2019-10766

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-10766

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10766.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-10766

Aliases

GHSA-68wg-qv6r-j4vp

Related

SNYK-PHP-USMANHALALITPIXIE-534879

Published

2019-11-19T20:15:12.087Z

Modified

2026-04-11T18:24:44.394205Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization.

References

https://snyk.io/vuln/SNYK-PHP-USMANHALALITPIXIE-534879

Affected packages

Git / github.com/usmanhalalit/pixie

Affected ranges

Type

GIT

Repo

https://github.com/usmanhalalit/pixie

Events

Introduced

4822fdd1204cec84e1f6c609910c26b3d1256e9d

Fixed

c091ad1b3f20a5a4b3e9acd73a59f809dacdc81f

Introduced

5820ef4f62c7be697767fd84830b7ad6fc057375

Fixed

873e70e63b6802634050d9fb3d38a9bc0c5d23fc

Database specific

{
    "extracted_events": [
        {
            "introduced": "1.0.0"
        },
        {
            "fixed": "1.0.3"
        },
        {
            "introduced": "2.0.0"
        },
        {
            "fixed": "2.0.2"
        }
    ],
    "cpe": "cpe:2.3:a:pixie_project:pixie:*:*:*:*:*:*:*:*",
    "source": "CPE_FIELD"
}

Affected versions

1.*

1.0.0

1.0.1

1.0.2

2.*

2.0.0

2.0.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10766.json"