CVE-2026-31825

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-31825

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31825.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-31825

Aliases

GHSA-xcwx-r2gw-w93m

Published

2026-03-10T21:33:26.471Z

Modified

2026-04-10T05:42:11.041Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

Sylius has a DQL Injection via API Order Filters

Details

Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy() without validation. An attacker can inject arbitrary DQL. The issue is fixed in versions: 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, 2.2.3 and above.

Database specific

{
    "cwe_ids": [
        "CWE-89",
        "CWE-943"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31825.json"
}

References

Affected packages

Git / github.com/sylius/sylius

Affected ranges

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

7aa47be3a617f75337d73d245352ea700bc8a1ef

Fixed

111d96b1bea7cb59bc2f7b4c6d35d5cd05872195

Database specific

{
    "versions": [
        {
            "introduced": "2.2.0"
        },
        {
            "fixed": "2.2.3"
        }
    ]
}

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

a5a816f9f1fcb5abd2d42b27801656aa2ae9bf0d

Fixed

d8092f21ee9606b0155231fe892d9d54fc44986e

Database specific

{
    "versions": [
        {
            "introduced": "2.1.0"
        },
        {
            "fixed": "2.1.12"
        }
    ]
}

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

6dd3ca9895be7ab7e6cb71f37af2ef66af17cbe0

Fixed

af579b0b6eaa10ea0883fb458484718c80fc96c7

Database specific

{
    "versions": [
        {
            "introduced": "2.0.0"
        },
        {
            "fixed": "2.0.16"
        }
    ]
}

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

57dcd9e53275a880c77d4ec2c4fad9f567f420be

Fixed

904251ad760dfdc4a3ad321144bdb1bade159019

Database specific

{
    "versions": [
        {
            "introduced": "1.14.0"
        },
        {
            "fixed": "1.14.18"
        }
    ]
}

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

c8799bea638c5e4ab07a28f66f628d38d8174b41

Fixed

0b2babf51968a8d27b4ae8dcb9121e222272f006

Database specific

{
    "versions": [
        {
            "introduced": "1.13.0"
        },
        {
            "fixed": "1.13.15"
        }
    ]
}

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

74dd42a09e50620a5f54f9a01676e003160d9f3a

Fixed

e3d9bd29624b531884e998f1458b5955bbbb0552

Database specific

{
    "versions": [
        {
            "introduced": "1.12.0"
        },
        {
            "fixed": "1.12.23"
        }
    ]
}

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

d8a10279adea6a11039f2aeef37bc2cbc686c971

Fixed

523412eb780f501dd9bcb6f718e65640c606863c

Database specific

{
    "versions": [
        {
            "introduced": "1.11.0"
        },
        {
            "fixed": "1.11.17"
        }
    ]
}

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

a367bc010cbee9fdf491dc76397198231f14ab63

Fixed

82c395a524fff8a732e4f466d0c6bdca48e63a39

Database specific

{
    "versions": [
        {
            "introduced": "1.10.0"
        },
        {
            "fixed": "1.10.16"
        }
    ]
}

Type

GIT

Repo

https://github.com/sylius/sylius

Events

Introduced

Fixed

8da3f314f52152b88433651aab5743c06a6820c8

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.9.12"
        }
    ]
}

Affected versions

v0.*

v0.1.0

v0.10.0

v0.11.0

v0.12.0

v0.13.0

v0.14.0

v0.15.0

v0.16.0

v0.17.0

v0.18.0

v0.19.0

v0.5.0

v0.6.0

v0.7.0

v0.8.0

v0.9.0

v1.*

v1.0.0

v1.0.0-alpha.1

v1.0.0-alpha.2

v1.0.0-beta.1

v1.0.0-beta.2

v1.0.0-beta.3

v1.0.0-rc.1

v1.0.0-rc.2

v1.10.0

v1.10.1

v1.10.12

v1.10.13

v1.10.14

v1.10.15

v1.10.2

v1.10.3

v1.10.4

v1.10.5

v1.10.6

v1.10.8

v1.10.9

v1.11.0

v1.11.11

v1.11.12

v1.11.13

v1.11.14

v1.11.15

v1.11.16

v1.11.3

v1.11.4

v1.11.5

v1.11.6

v1.11.7

v1.12.0

v1.12.1

v1.12.10

v1.12.11

v1.12.12

v1.12.13

v1.12.14

v1.12.15

v1.12.16

v1.12.17

v1.12.18

v1.12.19

v1.12.2

v1.12.20

v1.12.21

v1.12.22

v1.12.3

v1.12.4

v1.12.5

v1.12.6

v1.12.7

v1.12.8

v1.12.9

v1.13.0

v1.13.1

v1.13.10

v1.13.11

v1.13.12

v1.13.13

v1.13.14

v1.13.2

v1.13.3

v1.13.4

v1.13.5

v1.13.6

v1.13.7

v1.13.8

v1.13.9

v1.14.0

v1.14.1

v1.14.10

v1.14.11

v1.14.12

v1.14.13

v1.14.14

v1.14.15

v1.14.16

v1.14.17

v1.14.2

v1.14.3

v1.14.4

v1.14.5

v1.14.6

v1.14.7

v1.14.8

v1.14.9

v1.2.0-BETA

v1.4.0-BETA.1

v1.6.0-ALPHA.1

v1.6.0-ALPHA.2

v1.7.0-ALPHA.1

v1.7.0-ALPHA.2

v1.9.0

v1.9.0-ALPHA.1

v1.9.0-ALPHA.2

v1.9.0-BETA.1

v1.9.0-BETA.2

v1.9.0-BETA.3

v1.9.0-RC.1

v1.9.0-RC.2

v1.9.1

v1.9.11

v1.9.2

v1.9.3

v1.9.4

v1.9.5

v1.9.6

v1.9.7

v1.9.8

v1.9.9

v2.*

v2.0.0

v2.0.1

v2.0.10

v2.0.11

v2.0.12

v2.0.13

v2.0.14

v2.0.15

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v2.0.8

v2.0.9

v2.1.0

v2.1.1

v2.1.10

v2.1.11

v2.1.2

v2.1.3

v2.1.4

v2.1.5

v2.1.6

v2.1.7

v2.1.8

v2.1.9

v2.2.0

v2.2.1

v2.2.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31825.json"