Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SequelizejsSequelize

3 matches found

CVE
CVEadded 2019/10/29 7:15 p.m.73 views

CVE-2019-10748

Sequelize all versions prior to 3.35.1, 4.44.3, and 5.8.11 are vulnerable to SQL Injection due to JSON path keys not being properly escaped for the MySQL/MariaDB dialects.

9.8CVSS9.8AI score0.00427EPSS
CVE
CVEadded 2019/10/17 7:15 p.m.66 views

CVE-2019-10752

Sequelize, all versions prior to version 4.44.3 and 5.15.1, is vulnerable to SQL Injection due to sequelize.json() helper function not escaping values properly when formatting sub paths for JSON queries for MySQL, MariaDB and SQLite.

9.8CVSS9.8AI score0.00427EPSS
CVE
CVEadded 2019/10/29 7:15 p.m.55 views

CVE-2019-10749

sequelize before version 3.35.1 allows attackers to perform a SQL Injection due to the JSON path keys not being properly sanitized in the Postgres dialect.

9.8CVSS9.7AI score0.00357EPSS