Lucene search
K

5 matches found

Circl
Circl
added 2024/01/29 3:41 p.m.9 views

CVE-2019-10749

creationtimestamp| type| source ---|---|--- 2024-01-29 15:41:13+00:00| seen| https://t.me/ctinow/175338...

9.8CVSS8.7AI score0.01228EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2019/11/08 5:5 p.m.7 views

@aaa-backend-stack/graphql (>=1.16.1 <=2.4.4), @aaa-backend-stack/graphql-rest-bindings (>=1.16.0 <=1.16.9) +263 more potentially affected by CVE-2019-10749 via sequelize (>=1.0.2 <=3.34.0)

sequelize NPM version =1.0.2, =1.16.1, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.12.0, =1.0.22, =2.0.10, =1.0.97, =1.6.489, =1.6.735 and more Source cves: CVE-2019-10749 Source advisory: OSV:GHSA-2598-2F59-RMHQ...

9.8CVSS7.2AI score0.01228EPSS
Exploits1
NVD
NVD
added 2019/10/29 7:15 p.m.19 views

CVE-2019-10749

sequelize before version 3.35.1 allows attackers to perform a SQL Injection due to the JSON path keys not being properly sanitized in the Postgres dialect...

9.8CVSS9.8AI score0.01228EPSS
Exploits1References2
CVE
CVE
added 2019/10/29 4:6 p.m.73 views

CVE-2019-10749

CVE-2019-10749 affects sequelize prior to 3.35.1. The vulnerability arises in the Postgres dialect where JSON path keys are not properly sanitized, enabling SQL injection. Affected component: Sequelize (Node.js ORM) code paths used for generating queries with JSON path keys. Exploitation details ...

9.8CVSS9.7AI score0.01228EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2019/06/20 10:26 a.m.3 views

@aaa-backend-stack/graphql (>=1.16.1 <=2.4.4), @aaa-backend-stack/graphql-rest-bindings (>=1.16.0 <=1.16.9) +102 more potentially affected by CVE-2019-10749 via sequelize (>=3.0.1 <=3.34.0)

sequelize NPM version =3.0.1, =1.16.1, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.12.0, =1.0.22, =2.0.10, =1.0.97, =1.6.489, =1.6.735 and more Source cves: CVE-2019-10749 Source advisory: SNYK:JS-SEQUELIZE-450222...

9.8CVSS7.2AI score0.01228EPSS
Exploits1
Rows per page
Query Builder