6 matches found
EUVD-2025-122047
Malicious code in sequelize-semantic-ui-farout-public npm...
MAL-2025-147884 Malicious code in sequelize-version-build-thuban (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bba6079591827284cd67207a074de45cba5c746afc4d3cb6faac41206fdddfe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
GHSA-QPV8-4PJQ-QQH7 feathers-sequelize contains improper input validation leading to SQL injection
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
CVE-2022-2422
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
CVE-2022-2422
CVE-2022-2422 describes a SQL injection in Feathers.js when using feathers-sequelize, caused by improper input validation in the library. Reports from multiple sources (NVD, Veracode, GHSA, OSV, CVE list) indicate a high/critical impact with potential remote exploitation via standard network vect...
CVE-2022-2422 Feathers - SQL injection via attribute aliases
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...