Feathersjs Feathers-sequelize
3 CVEs affecting Feathersjs Feathers-sequelize. Latest disclosed: 2022-10-26. Critical: 3, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2422 | Critical | 10.0 | 2022-10-26 | Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-se… |
CVE-2022-29823 | Critical | 10.0 | 2022-10-26 | Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RC… |
CVE-2022-29822 | Critical | 10.0 | 2022-10-26 | Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection |