GHSA-3XC7-XG67-PW99 Sensitive Data Exposure in sequelize-cli

Versions of sequelize-cli prior to 5.5.0 are vulnerable to Sensitive Data Exposure. The function filteredURL does not properly sanitize the config.password value which may cause passwords with special characters to be logged in plain text. Recommendation Upgrade to version 5.5.0 or later...

@apifie/node-microservice (>=0.0.1 <=1.0.3), @conversationai/moderator-backend-api (>=1.0.0 <=1.0.6) +101 more potentially affected by unknown CVE via sequelize-cli (>=1.2.0 <=5.4.0)

sequelize-cli NPM version =1.2.0, =0.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0-beta.1, =2.2.1, =3.1.5, =0.0.10, =0.0.6, =0.0.1, =1.1.7, =1.1.12 and more Source cves: unknown CVE Source advisory: OSV:GHSA-3XC7-XG67-PW99...

Sensitive Data Exposure in sequelize-cli

Versions of sequelize-cli prior to 5.5.0 are vulnerable to Sensitive Data Exposure. The function filteredURL does not properly sanitize the config.password value which may cause passwords with special characters to be logged in plain text. Recommendation Upgrade to version 5.5.0 or later...

Sensitive Information Disclosure

sequelize-cli is vulnerable to sensitive information disclosure. The vulnerability exists as the config.password value is logged unencrypted into log files, allowing a local user to retrieve the configuration password...

Sensitive Data Exposure

Overview Versions of sequelize-cli prior to 5.5.0 are vulnerable to Sensitive Data Exposure. The function filteredURL does not properly sanitize the config.password value which may cause passwords with special characters to be logged in plain text. Recommendation Upgrade to version 5.5.0 or later...