EPSS
Percentile
47.2%
sequelize is vulnerable to Information Disclosure. A remote unauthenticated attacker is able to inject malicious queries due to improper input filtering, resulting in the disclosure of sensitive information.
csirt.divd.nl/CVE-2023-22580
csirt.divd.nl/cves/CVE-2023-22580/
csirt.divd.nl/DIVD-2022-00020/
github.com/advisories/GHSA-8c25-f3mj-v6h8
github.com/sequelize/sequelize/commit/6c71dbd6a224f77955cb17eab982cef1c44ed521
github.com/sequelize/sequelize/pull/15375