CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...

9.8CVSS9.8AI score0.00729EPSS

Exploits0References7

Github Security Blog•added 2022/10/26 12:0 p.m.•106 views

feathers-sequelize vulnerable to SQL injection due to improper parameter filtering

feathers-sequelize is vulnerable to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection...

10CVSS9.6AI score0.00729EPSS

Exploits0References7Affected Software1

Github Security Blog•added 2022/10/26 12:0 p.m.•22 views

feathers-sequelize contains improper input validation leading to SQL injection

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...

10CVSS4AI score0.00729EPSS

Exploits0References7Affected Software1

NVD•added 2022/10/26 10:15 a.m.•37 views

CVE-2022-2422

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...

10CVSS0.00729EPSS

Exploits0References2

OSV•added 2022/10/26 10:15 a.m.•26 views

CVE-2022-2422

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...

9.8CVSS9.8AI score0.00729EPSS

Exploits0References2

NVD•added 2022/10/26 10:15 a.m.•21 views

CVE-2022-29822

Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection...

10CVSS0.00729EPSS

Exploits0References2

OSV•added 2022/10/26 10:15 a.m.•24 views

CVE-2022-29822

Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection...

9.8CVSS9.8AI score0.00729EPSS

Exploits0References2

Prion•added 2022/10/26 10:15 a.m.•17 views

Sql injection

Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection...

7.5CVSS9.7AI score0.00729EPSS

Exploits0References2Affected Software1

Prion•added 2022/10/26 10:15 a.m.•19 views

Sql injection

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...

7.5CVSS9.7AI score0.00729EPSS

Exploits0References2Affected Software1

CVE•added 2022/10/25 12:0 a.m.•72 views

CVE-2022-2422

CVE-2022-2422 describes a SQL injection in Feathers.js when using feathers-sequelize, caused by improper input validation in the library. Reports from multiple sources (NVD, Veracode, GHSA, OSV, CVE list) indicate a high/critical impact with potential remote exploitation via standard network vect...

10CVSS9.8AI score0.00729EPSS

Exploits0References2Affected Software1

CVE•added 2022/10/25 12:0 a.m.•74 views

CVE-2022-29822

CVE-2022-29822 involves a SQL injection risk in Feathers Sequelize. Multiple connected sources describe a flaw in the Feathersjs/Feathers-Sequelize stack where improper parameter filtering (notably in the _find path of index.js) allows attacker-controlled input to influence SQL queries. The vulne...

10CVSS9.8AI score0.00729EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by