Vulnerability Database

296,137

Total vulnerabilities in the database

CVE-2023-22578

Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections.

Published: Feb 16, 2023
Updated: May 9, 2024
CVE: CVE-2023-22578
GHSA: GHSA-f598-mfpv-gmfx
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-790

Affected Software
References

Software	From	Fixed in
sequelizejs / sequelize	7.0.0-alpha1	7.0.0-alpha1.x
sequelizejs / sequelize	7.0.0-alpha10	7.0.0-alpha10.x
sequelizejs / sequelize	7.0.0-alpha11	7.0.0-alpha11.x
sequelizejs / sequelize	7.0.0-alpha12	7.0.0-alpha12.x
sequelizejs / sequelize	7.0.0-alpha13	7.0.0-alpha13.x
sequelizejs / sequelize	7.0.0-alpha14	7.0.0-alpha14.x
sequelizejs / sequelize	7.0.0-alpha15	7.0.0-alpha15.x
sequelizejs / sequelize	7.0.0-alpha16	7.0.0-alpha16.x
sequelizejs / sequelize	7.0.0-alpha17	7.0.0-alpha17.x
sequelizejs / sequelize	7.0.0-alpha18	7.0.0-alpha18.x
sequelizejs / sequelize	7.0.0-alpha19	7.0.0-alpha19.x
sequelizejs / sequelize	7.0.0-alpha2	7.0.0-alpha2.x
sequelizejs / sequelize	7.0.0-alpha2.1	7.0.0-alpha2.1.x
sequelizejs / sequelize	7.0.0-alpha2.2	7.0.0-alpha2.2.x
sequelizejs / sequelize	7.0.0-alpha3	7.0.0-alpha3.x
sequelizejs / sequelize	7.0.0-alpha4	7.0.0-alpha4.x
sequelizejs / sequelize	7.0.0-alpha5	7.0.0-alpha5.x
sequelizejs / sequelize	7.0.0-alpha6	7.0.0-alpha6.x
sequelizejs / sequelize	7.0.0-alpha7	7.0.0-alpha7.x
sequelizejs / sequelize	7.0.0-alpha8	7.0.0-alpha8.x
sequelizejs / sequelize	7.0.0-alpha9	7.0.0-alpha9.x
sequelizejs / sequelize	7.0.0-oc_test_1	7.0.0-oc_test_1.x
sequelizejs / sequelize	7.0.0-oc_test_2	7.0.0-oc_test_2.x
sequelizejs / sequelize	7.0.0-oc_test_3	7.0.0-oc_test_3.x
sequelizejs / sequelize	7.0.0-oc_test_4	7.0.0-oc_test_4.x
sequelizejs / sequelize	-	6.29.0
@sequelize / core	-	7.0.0-alpha.20
sequelize	-	6.29.0