CVE-2022-29823
10.0CRITICALFeather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.
게시됨: 10/26/2022업데이트됨: 11/21/2024
설명
Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.
AI 분석AI 기반
영향받는 제품
feathersjsfeathers-sequelize
참조
- https://csirt.divd.nl/CVE-2022-29823/Third Party Advisory
- https://csirt.divd.nl/DIVD-2022-00020Third Party Advisory
- https://csirt.divd.nl/CVE-2022-29823/Third Party Advisory
- https://csirt.divd.nl/DIVD-2022-00020Third Party Advisory