9.8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.5%
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB.
snyk.io/vuln/SNYK-JS-KNEX-471962