CVE-2024-51999

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error and is not a valid vulnerability. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...

CVE-2024-51999

Express.js minimalist web framework for node. Prior to 5.2.0 and 4.22.0, when using the extended query parser in express 'query parser': 'extended', the request.query object inherits all object prototype properties, but these properties can be overwritten by query string parameter keys that match...

CVE-2024-51999

CVE-2024-51999 is rejected and not a valid vulnerability entry.

CVE-2024-51999

...

EUVD-2025-200074

express improperly controls modification of query properties...

Withdrawn Advisory: express improperly controls modification of query properties

Withdrawn Advisory This advisory has been withdrawn because it describes a correctness bug, not a vulnerability with real security impact. This link is maintained to preserve external references. Original Description Impact when using the extended query parser in express 'query parser': 'extended...

GHSA-PJ86-CFQH-VQX6 Withdrawn Advisory: express improperly controls modification of query properties

Withdrawn Advisory This advisory has been withdrawn because it describes a correctness bug, not a vulnerability with real security impact. This link is maintained to preserve external references. Original Description Impact when using the extended query parser in express 'query parser': 'extended...

PT-2025-48543

Name of the Vulnerable Software and Affected Versions Express.js versions prior to 5.2.0 Express.js versions prior to 4.22.0 Description Express.js, a minimalist web framework for Node.js, is affected by an issue where the request.query object inherits all object prototype properties when using t...

SUSE CVE-2024-32888

The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces APIs available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using the non-default...

GHSA-X3WM-HFFR-CHWM Amazon JDBC Driver for Redshift SQL Injection via line comment generation

Impact SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code which has a vulnerable SQL that negates a parameter value. There is no vulnerability in the driver when using the default, extended query mode. Note that...

org.postgresql:postgresql vulnerable to SQL Injection via line comment generation

Impact SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value. There is no vulnerability in the driver when using the default query mode. Users that do not overri...