Versions of sequelize-cli
prior to 5.5.0 are vulnerable to Sensitive Data Exposure. The function filteredURL()
does not properly sanitize the config.password
value which may cause passwords with special characters to be logged in plain text.
Upgrade to version 5.5.0 or later.
Vendor | Product | Version | CPE |
---|---|---|---|
* | sequelize-cli | * | cpe:2.3:a:*:sequelize-cli:*:*:*:*:*:*:*:* |