CVE-2022-29822

Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection
References
Link Resource
https://csirt.divd.nl/CVE-2022-29822/ Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00020 Third Party Advisory
https://csirt.divd.nl/CVE-2022-29822/ Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00020 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:feathersjs:feathers-sequelize:*:*:*:*:*:node.js:*:*

History

21 Nov 2024, 06:59

Type Values Removed Values Added
References () https://csirt.divd.nl/CVE-2022-29822/ - Third Party Advisory () https://csirt.divd.nl/CVE-2022-29822/ - Third Party Advisory
References () https://csirt.divd.nl/DIVD-2022-00020 - Third Party Advisory () https://csirt.divd.nl/DIVD-2022-00020 - Third Party Advisory
CVSS v2 : unknown
v3 : 9.8
v2 : unknown
v3 : 10.0

02 Jan 2024, 19:15

Type Values Removed Values Added
Summary Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection

07 Nov 2023, 03:46

Type Values Removed Values Added
Summary Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection

28 Jul 2023, 14:13

Type Values Removed Values Added
First Time Feathersjs feathers-sequelize
Feathersjs
CPE cpe:2.3:a:featherjs:feathers-sequelize:*:*:*:*:*:node.js:*:* cpe:2.3:a:feathersjs:feathers-sequelize:*:*:*:*:*:node.js:*:*

Information

Published : 2022-10-26 10:15

Updated : 2024-11-21 06:59


NVD link : CVE-2022-29822

Mitre link : CVE-2022-29822

CVE.ORG link : CVE-2022-29822


JSON object : View

Products Affected

feathersjs

  • feathers-sequelize
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')