21 matches found
MAL-2026-535 Malicious code in knex.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04fcb32607ead73fe3f1c4443e807ae1deec8bda92999d19da73075af9d61805 The package knex.js was found to contain malicious code. Source: ghsa-malware a1c9b559496940535edc51721d08a3fccda2739e33e34028d59d97b305452aba Any...
Malicious code in knex.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04fcb32607ead73fe3f1c4443e807ae1deec8bda92999d19da73075af9d61805 The package knex.js was found to contain malicious code. Source: ghsa-malware a1c9b559496940535edc51721d08a3fccda2739e33e34028d59d97b305452aba Any...
Malicious Package
Overview knex.js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
EUVD-2019-0687
Malware in sbrugna...
EUVD-2022-7505
Malicious code in bioql PyPI...
CVE-2019-10757
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB...
SQL Injection
knex is vulnerable to SQL Injection attacks. A specifically crafted attack statement through Knex.js allows a malicious user to inject and execute arbitrary SQL queries on the target system, ignoring the WHERE clause of a SQL query...
Knex.js has a limited SQL injection vulnerability
Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. This vulnerability has been fixed in version 2.4.0...
GHSA-4JV9-3563-23J3 Knex.js has a limited SQL injection vulnerability
Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. This vulnerability has been fixed in version 2.4.0...
CVE-2016-20018
Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query...
CVE-2016-20018
Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query...
Sql injection
Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query...
knex.js SQL注入漏洞
knex.js is an open source SQL query generator. A security vulnerability exists in knex.js version 2.3.0 and earlier, which stems from the presence of a restricted SQL injection that can be exploited to ignore the WHERE clause of a SQL query...
CVE-2016-20018
Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query...
CVE-2016-20018
CVE-2016-20018 : Knex.js (project Knex) up to version 2.3.0 contains a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. The connected IBM/NVD listing confirms the vulnerability and CVSS details (HIGH severity, basic score 7.5). The available sou...
PT-2022-7852 · Knex.Js · Knex.Js
Name of the Vulnerable Software and Affected Versions: Knex.js versions through 2.3.0 Description: The issue is a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. This vulnerability has been fixed in version 2.4.0. Users of a12nserver that use...
CVE-2019-10757
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB...
CVE-2019-10757
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB...
Sql injection
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB...
CVE-2019-10757
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB...