Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 5:9 p.m.4 views

CVE-2026-33442

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...

8.1CVSS6AI score0.00442EPSS
Exploits1References1
NVD
NVD
added 2026/03/26 5:16 p.m.7 views

CVE-2026-33442

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...

8.1CVSS0.00442EPSS
Exploits1References1
OSV
OSV
added 2026/03/26 5:1 p.m.6 views

CVE-2026-33442 Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path keys.

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...

8.1CVSS6AI score0.00442EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/20 8:48 p.m.3 views

SQL Injection

Overview kysely is a Type safe SQL query builder Affected versions of this package are vulnerable to SQL Injection via the sanitizeStringLiteral function. An attacker can execute arbitrary SQL commands by supplying specially crafted input containing backslashes and quotes, which are not properly...

9.2CVSS6.1AI score0.00419EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/20 8:48 p.m.2 views

SQL Injection

Overview kysely is a Type safe SQL query builder Affected versions of this package are vulnerable to SQL Injection via the sanitizeStringLiteral function. An attacker can execute arbitrary SQL commands by supplying specially crafted input containing backslashes and single quotes, which are not...

9.2CVSS6.2AI score0.00442EPSS
Exploits1References2
Rows per page
Query Builder