feathers-sequelize (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package feathers-sequelize, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2022-2422 — CVSS 10.0 (critical): Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in…
CVE-2022-29823 — CVSS 10.0 (critical): Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a…