Lucene search
PRIOn knowledge basePRION:CVE-2022-29823HistoryOct 26, 2022 - 10:15 a.m.
Remote code execution
2022-10-2610:15:00
PRIOn knowledge base
www.prio-n.com
3
feather-sequalize
cleanquery
vulnerability
insecure logic
remote code execution
rce
application privileges
nvd
Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| feathers-sequelize | ge | 6.0.0 | |
| feathers-sequelize | lt | 6.3.4 |
Related
osv
osv
CVE-2022-29823
2022-10-26 10:15:16
Feather-Sequelize cleanQuery method vulnerable to Prototype Pollution
2022-10-26 12:00:28
nvd
nvd
CVE-2022-29823
2022-10-26 10:15:16
cvelist
cvelist
CVE-2022-29823 Feathers - Query “__proto__” is converted to real prototype
2022-10-25 00:00:00
cve
cve
CVE-2022-29823
2022-10-26 10:15:16
veracode
veracode
Prototype Pollution
2022-11-20 11:38:54
github
github
Feather-Sequelize cleanQuery method vulnerable to Prototype Pollution
2022-10-26 12:00:28