5 matches found
CVE-2023-22580
Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure...
CVE-2023-22580
creationtimestamp| type| source ---|---|--- 2023-02-16 18:12:39+00:00| seen| https://t.me/cibsecurity/58331...
@galenjs/framework-next (>=1.0.0 <=1.7.0), @galenjs/models (>=1.1.11 <=1.7.0) +4 more potentially affected by CVE-2023-22580 via @sequelize/core (=7.0.0-alpha.10)
@sequelize/core NPM version =7.0.0-alpha.10 is affected by a known vulnerability. The following packages have a transitive dependency on @sequelize/core and may be impacted: - @galenjs/framework-next =1.0.0, =1.1.11, =0.0.2, =0.0.2, =0.0.30, =0.1.0, =0.1.1 Source cves: CVE-2023-22580 Source...
CVE-2023-22580 Sequalize - Bad query filtering leading to SQL errors
Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure...
CVE-2023-22580
CVE-2023-22580 describes a vulnerability in the Sequelize JS library where improper input filtering can allow malicious queries to disclose sensitive information. The issue affects Sequelize (library/file level) and is associated with a confidentiality impact (per CVSS) without explicit exploit d...