Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.5 views

CVE-2023-22579

Due to improper parameter filtering in the sequalize js library, can a attacker peform injection...

9.9CVSS6.9AI score0.00809EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/02/23 4:58 p.m.6 views

12g (=0.0.27), 1st-project (=1.0.2) +2906 more potentially affected by CVE-2023-22579 via sequelize (>=1.0.2 <=6.28.0)

sequelize NPM version =1.0.2, =0.0.1, =0.0.2, =0.0.1, =1.2.3, =1.0.0, =0.5.0, =1.16.1, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.0.0, =2.0.1 - @aapokiiso/hsl-congestion-route-pattern-repository =1.0.0 and more Source cves: CVE-2023-22579 Source advisory: OSV:GHSA-VQFX-GJ96-3W95...

9.9CVSS7.2AI score0.00809EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/02/23 4:58 p.m.15 views

@galenjs/framework-next (>=1.0.0 <=1.7.0), @galenjs/models (>=1.1.11 <=1.7.0) +4 more potentially affected by CVE-2023-22579 via @sequelize/core (=7.0.0-alpha.10)

@sequelize/core NPM version =7.0.0-alpha.10 is affected by a known vulnerability. The following packages have a transitive dependency on @sequelize/core and may be impacted: - @galenjs/framework-next =1.0.0, =1.1.11, =0.0.2, =0.0.2, =0.0.30, =0.1.0, =0.1.1 Source cves: CVE-2023-22579 Source...

9.9CVSS7.2AI score0.00809EPSS
Exploits0
OSV
OSV
added 2023/02/23 4:58 p.m.3 views

GHSA-VQFX-GJ96-3W95 Unsafe fall-through in getWhereConditions

Impact Providing an invalid value to the where option of a query caused Sequelize to ignore that option instead of throwing an error. A finder call like the following did not throw an error: ts User.findAll where: new Date, ; As this option is typically used with plain javascript objects, be awar...

9.9CVSS5.7AI score0.00809EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2023/02/23 4:58 p.m.44 views

Unsafe fall-through in getWhereConditions

Impact Providing an invalid value to the where option of a query caused Sequelize to ignore that option instead of throwing an error. A finder call like the following did not throw an error: ts User.findAll where: new Date, ; As this option is typically used with plain javascript objects, be awar...

9.9CVSS8.1AI score0.00809EPSS
Exploits0References10Affected Software2
Cvelist
Cvelist
added 2023/02/16 2:11 p.m.45 views

CVE-2023-22579 Sequalize - Unsafe fall-through in getWhereConditions

Due to improper parameter filtering in the sequalize js library, can a attacker peform injection...

9.9CVSS9.8AI score0.00809EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/16 2:11 p.m.6 views

CVE-2023-22579 Sequalize - Unsafe fall-through in getWhereConditions

Due to improper parameter filtering in the sequalize js library, can a attacker peform injection...

9.9CVSS7AI score0.00809EPSS
Exploits0References2
OSV
OSV
added 2023/02/16 2:11 p.m.26 views

CVE-2023-22579 Sequalize - Unsafe fall-through in getWhereConditions

Due to improper parameter filtering in the sequalize js library, can a attacker peform injection...

9.9CVSS7.2AI score0.00809EPSS
Exploits0References4
Rows per page
Query Builder