Information Disclosure

2023-02-1819:44:02

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

sequelize

vulnerability

information disclosure

remote attacker

input filtering

sensitive information

0.001 Low

EPSS

Percentile

44.0%

JSON

sequelize is vulnerable to Information Disclosure. A remote unauthenticated attacker is able to inject malicious queries due to improper input filtering, resulting in the disclosure of sensitive information.

CPENameOperatorVersion
sequelizele7.0.0-alpha.9
sequelizele6.28.0
@sequelize/corele7.0.0-alpha.19
sequelizele7.0.0-alpha.9
sequelizele6.28.0
@sequelize/corele7.0.0-alpha.19