8 matches found
CVE-2023-22579
Due to improper parameter filtering in the sequalize js library, can a attacker peform injection...
12g (=0.0.27), 1st-project (=1.0.2) +2906 more potentially affected by CVE-2023-22579 via sequelize (>=1.0.2 <=6.28.0)
sequelize NPM version =1.0.2, =0.0.1, =0.0.2, =0.0.1, =1.2.3, =1.0.0, =0.5.0, =1.16.1, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.0.0, =2.0.1 - @aapokiiso/hsl-congestion-route-pattern-repository =1.0.0 and more Source cves: CVE-2023-22579 Source advisory: OSV:GHSA-VQFX-GJ96-3W95...
@galenjs/framework-next (>=1.0.0 <=1.7.0), @galenjs/models (>=1.1.11 <=1.7.0) +4 more potentially affected by CVE-2023-22579 via @sequelize/core (=7.0.0-alpha.10)
@sequelize/core NPM version =7.0.0-alpha.10 is affected by a known vulnerability. The following packages have a transitive dependency on @sequelize/core and may be impacted: - @galenjs/framework-next =1.0.0, =1.1.11, =0.0.2, =0.0.2, =0.0.30, =0.1.0, =0.1.1 Source cves: CVE-2023-22579 Source...
GHSA-VQFX-GJ96-3W95 Unsafe fall-through in getWhereConditions
Impact Providing an invalid value to the where option of a query caused Sequelize to ignore that option instead of throwing an error. A finder call like the following did not throw an error: ts User.findAll where: new Date, ; As this option is typically used with plain javascript objects, be awar...
Unsafe fall-through in getWhereConditions
Impact Providing an invalid value to the where option of a query caused Sequelize to ignore that option instead of throwing an error. A finder call like the following did not throw an error: ts User.findAll where: new Date, ; As this option is typically used with plain javascript objects, be awar...
CVE-2023-22579 Sequalize - Unsafe fall-through in getWhereConditions
Due to improper parameter filtering in the sequalize js library, can a attacker peform injection...
CVE-2023-22579 Sequalize - Unsafe fall-through in getWhereConditions
Due to improper parameter filtering in the sequalize js library, can a attacker peform injection...
CVE-2023-22579 Sequalize - Unsafe fall-through in getWhereConditions
Due to improper parameter filtering in the sequalize js library, can a attacker peform injection...