14 matches found
EUVD-2022-7026
Malicious code in bioql PyPI...
EUVD-2022-7154
Malicious code in bioql PyPI...
GHSA-QPV8-4PJQ-QQH7 feathers-sequelize contains improper input validation leading to SQL injection
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
GHSA-5HQ7-J5WQ-P227 feathers-sequelize vulnerable to SQL injection due to improper parameter filtering
feathers-sequelize is vulnerable to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection...
feathers-sequelize contains improper input validation leading to SQL injection
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
feathers-sequelize vulnerable to SQL injection due to improper parameter filtering
feathers-sequelize is vulnerable to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection...
CVE-2022-2422
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
CVE-2022-2422
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
CVE-2022-29822
Improper parameter filtering in the Feathers js library may ultimately lead to SQL injection...
CVE-2022-29822
Improper parameter filtering in the Feathers js library may ultimately lead to SQL injection...
SQL injection
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
SQL injection
Improper parameter filtering in the Feathers js library may ultimately lead to SQL injection...
CVE-2022-2422
CVE-2022-2422 describes a SQL injection in Feathers.js when using feathers-sequelize, caused by improper input validation in the library. Reports from multiple sources (NVD, Veracode, GHSA, OSV, CVE list) indicate a high/critical impact with potential remote exploitation via standard network vect...
CVE-2022-29822
CVE-2022-29822 involves a SQL injection risk in Feathers Sequelize. Multiple connected sources describe a flaw in the Feathersjs/Feathers-Sequelize stack where improper parameter filtering (notably in the _find path of index.js) allows attacker-controlled input to influence SQL queries. The vulne...