Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
FeathersjsFeathers-sequelize*

3 matches found

CVE
CVEadded 2022/10/26 10:15 a.m.57 views

CVE-2022-2422

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used.

10CVSS9.8AI score0.00066EPSS
CVE
CVEadded 2022/10/26 10:15 a.m.56 views

CVE-2022-29822

Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection

10CVSS9.8AI score0.00062EPSS
CVE
CVEadded 2022/10/26 10:15 a.m.55 views

CVE-2022-29823

Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.

10CVSS9.7AI score0.01107EPSS