How severe is CVE-2022-29823?

CVE-2022-29823 has a CVSS v3 score of 10 (CRITICAL).

CVE-2022-29823

Name: feathers-sequelize
Author: feathersjs

10.0CRITICAL

Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.

Publicado: 10/26/2022Actualizado: 11/21/2024

Descripción

Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.

Análisis IAImpulsado por IA

Productos Afectados

feathersjsfeathers-sequelize

Referencias

https://csirt.divd.nl/CVE-2022-29823/
Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00020
Third Party Advisory
https://csirt.divd.nl/CVE-2022-29823/
Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00020
Third Party Advisory