pkg:npm/sequelize

All known vulnerabilities

• CRITICAL10.0CVE-2023-22578Sequelize - Default support for “raw attributes” when using parentheses
  from 0, < 6.29.0
• CRITICAL10.0CVE-2023-25813Sequelize vulnerable to SQL Injection via replacements
  from 0, < 6.19.1
• CRITICAL9.9CVE-2023-22579Unsafe fall-through in getWhereConditions
  from 0, < 6.28.1
• CRITICAL9.8SQL Injection via GeoJSON in sequelize
  >= 3.4.0, < 3.23.6
• CRITICAL9.8SQL Injection in sequelize
  from 0, < 3.35.1
• CRITICAL9.8SQL Injection in sequelize
  from 0, < 3.35.1
• CRITICAL9.8SQL Injection in sequelize
  from 0, < 4.44.3
• HIGH7.5Sequelize v6 Vulnerable to SQL Injection via JSON Column Cast Type
  >= 6.0.0-beta.1, < 6.37.8
• HIGH7.5SQL Injection in sequelize
  >= 5.0.0, < 5.3.0
• HIGH7.5SQL Injection in sequelize
  from 0, < 3.20.0
• MEDIUM5.3Sequelize information disclosure vulnerability
  from 0, < 6.28.1
• —SQL Injection in sequelize
  from 0, < 3.17.0
• —Potential SQL Injection in sequelize
  from 0, < 3.0.0
• —SQL Injection in sequelize
  from 0, < 1.7.0
• —SQL Injection in sequelize
  from 0, < 2.0.0-rc8