CVSS: 9.9EPSS: 0%CPEs: 26EXPL: 0CVE-2023-22579 – Sequalize - Unsafe fall-through in getWhereConditions
https://notcve.org/view.php?id=CVE-2023-22579
16 Feb 2023 — Due to improper parameter filtering in the sequalize js library, can a attacker peform injection. • https://csirt.divd.nl/CVE-2023-22579 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2023-22578 – Sequalize - Default support for “raw attributes” when using parentheses
https://notcve.org/view.php?id=CVE-2023-22578
16 Feb 2023 — Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections. • https://csirt.divd.nl/CVE-2023-22578 • CWE-790: Improper Filtering of Special Elements •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 1CVE-2023-22580 – Sequalize - Bad query filtering leading to SQL errors
https://notcve.org/view.php?id=CVE-2023-22580
10 Jan 2023 — Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure. Tiki Wiki CMS Groupware versions 24.0 and below suffers from a PHP object injection vulnerability in grid.php. • https://packetstorm.news/files/id/170434 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •