Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:39313
HistoryFeb 17, 2023 - 6:27 a.m.

SQL Injection

2023-02-1706:27:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
59
sql injection
sequelize
vulnerability
improper attribute filtering
target system
attack statement

0.002 Low

EPSS

Percentile

51.7%

JSON

sequelize is vulnerable to SQL Injection attacks. A specifically crafted attack statement through query-generator.js allows a malicious user to inject and execute arbitrary SQL queries on the target system due to improper attribute filtering.

Related

nvd 1
osv 2
prion 1
cvelist 1
cve 1
github 1
ibm 1
nvd
nvd
CVE-2023-22578
2023-02-16 15:15:18
osv
osv
Sequelize - Default support for “raw attributes” when using parentheses
2023-02-24 18:48:49
CVE-2023-22578
2023-02-16 15:15:18
prion
prion
Sql injection
2023-02-16 15:15:00
cvelist
cvelist
CVE-2023-22578 Sequalize - Default support for “raw attributes” when using parentheses
2023-02-16 14:11:36
cve
cve
CVE-2023-22578
2023-02-16 15:15:18
github
github
Sequelize - Default support for “raw attributes” when using parentheses
2023-02-24 18:48:49
ibm
ibm
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
2023-06-16 15:19:39

0.002 Low

EPSS

Percentile

51.7%

JSON
Related for VERACODE:39313
nvd1osv2prion1cvelist1cve1github1ibm1