How severe is CVE-2022-29823?

CVE-2022-29823 has a CVSS v3 score of 10 (CRITICAL).

CVE-2022-29823

Name: feathers-sequelize
Author: feathersjs

10.0CRITICAL

Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.

Veröffentlicht: 10/26/2022Aktualisiert: 11/21/2024

Beschreibung

Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.

KI-AnalyseKI-gestützt

Betroffene Produkte

feathersjsfeathers-sequelize

Referenzen

https://csirt.divd.nl/CVE-2022-29823/
Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00020
Third Party Advisory
https://csirt.divd.nl/CVE-2022-29823/
Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00020
Third Party Advisory