5 matches found
CVE-2019-10752
creationtimestamp| type| source ---|---|--- 2024-01-16 11:37:01+00:00| seen| https://t.me/ctinow/168759...
ayakashi (>=1.0.0-beta3 <=1.0.0-beta5.2), cplotter-validator (>=0.0.1 <=0.0.2) +7 more potentially affected by CVE-2019-10752 via sequelize (>=5.10.0 <=5.14.0)
sequelize NPM version =5.10.0, =1.0.0-beta3, =0.0.1, =2.0.0-alpha.2, =1.0.0-beta.15, =2.0.0, =1.0.8, =1.0.9 Source cves: CVE-2019-10752 Source advisory: OSV:GHSA-M9JW-237R-GVFV...
CVE-2019-10752
CVE-2019-10752 affects the Sequelize ORM. All versions prior to 4.44.3 and 5.15.1 are vulnerable to SQL Injection because the helper function sequelize.json() does not escape values properly when formatting sub paths for JSON queries in MySQL, MariaDB and SQLite. The vulnerability is documented a...
@alexbp-ds/microservice-wrapper (=1.1.8), @apifie/node-microservice (>=0.0.1 <=1.0.3) +94 more potentially affected by CVE-2019-10752 via sequelize (>=4.0.0 <=4.44.2)
sequelize NPM version =4.0.0, =0.0.1, =4.0.2, =1.0.16, =1.0.20, =1.0.18, =1.0.10, =1.0.0, =0.1.0, =0.0.1, =1.0.0, =1.0.6, =5.1.3, =1.6.7, =0.6.3, =0.6.5 and more Source cves: CVE-2019-10752 Source advisory: SNYK:JS-SEQUELIZE-459751...
ayakashi (>=1.0.0-beta3 <=1.0.0-beta5.2), cplotter-validator (>=0.0.1 <=0.0.2) +7 more potentially affected by CVE-2019-10752 via sequelize (>=5.10.0 <=5.14.0)
sequelize NPM version =5.10.0, =1.0.0-beta3, =0.0.1, =2.0.0-alpha.2, =1.0.0-beta.15, =2.0.0, =1.0.8, =1.0.9 Source cves: CVE-2019-10752 Source advisory: SNYK:JS-SEQUELIZE-459751...