Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2019/10/21 4:12 p.m.5 views

63pokupki-nodejs-common (=0.0.2), @63pokupki/nodejs-common (>=0.0.2 <=0.0.85) +1209 more potentially affected by CVE-2019-10757 via knex (>=0.10.0 <=0.19.4)

knex NPM version =0.10.0, =0.0.2, =1.0.10, =0.0.1, =4.0.0, =0.0.1, =0.1.0, =0.0.1, =0.2.0, =0.1.0, =0.1.1, =0.5.0 and more Source cves: CVE-2019-10757 Source advisory: OSV:GHSA-58V4-QWX5-7F59...

9.8CVSS7.8AI score0.01159EPSS
Exploits1
CVE
CVE
added 2019/10/08 7:4 p.m.65 views

CVE-2019-10757

CVE-2019-10757 affects knex.js versions before 0.19.5. The root cause is that identifiers are escaped incorrectly in the MSSQL dialect, enabling an attacker to craft a malicious query to the host database (SQL Injection). Impact is described as vulnerable to SQL injection; mitigation provided in ...

9.8CVSS9.7AI score0.01159EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/10/08 7:4 p.m.17 views

CVE-2019-10757

knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB...

9.8AI score0.01159EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2019/10/07 12:51 p.m.6 views

63pokupki-nodejs-common (=0.0.2), @63pokupki/nodejs-common (>=0.0.2 <=0.0.85) +1209 more potentially affected by CVE-2019-10757 via knex (>=0.10.0 <=0.19.4)

knex NPM version =0.10.0, =0.0.2, =1.0.10, =0.0.1, =4.0.0, =0.0.1, =0.1.0, =0.0.1, =0.2.0, =0.1.0, =0.1.1, =0.5.0 and more Source cves: CVE-2019-10757 Source advisory: SNYK:JS-KNEX-471962...

9.8CVSS7.8AI score0.01159EPSS
Exploits1
Rows per page
Query Builder