CVE-2022-29823
10.0CRITICALFeather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.
Published: 10/26/2022Updated: 11/21/2024
Description
Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.
AI AnalysisPowered by AI
Affected Products
feathersjsfeathers-sequelize
References
- https://csirt.divd.nl/CVE-2022-29823/Third Party Advisory
- https://csirt.divd.nl/DIVD-2022-00020Third Party Advisory
- https://csirt.divd.nl/CVE-2022-29823/Third Party Advisory
- https://csirt.divd.nl/DIVD-2022-00020Third Party Advisory