Vulnerability Details CVE-2022-2422
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.8%
CVSS Severity
CVSS v3 Score 10.0
References
Products affected by CVE-2022-2422
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.0.0
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.0.1
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.0.2
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.1.0
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.2.0
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.3.0
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.3.1
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.3.2
-
cpe:2.3:a:feathersjs:feathers-sequelize:6.3.3