Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNycG0tZm00OC1jaGo3

SQL Injection in resquel

All versions of resquel are vulnerable to SQL Injection. Query parameters are not properly sanitized, allowing attackers to inject SQL statements and execute arbitrary SQL queries

Recommendation

No fix is currently available. Consider using an alternative package until a fix is made available.

Permalink: https://github.com/advisories/GHSA-crpm-fm48-chj7
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNycG0tZm00OC1jaGo3
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 4 years ago
Updated: almost 2 years ago


Identifiers: GHSA-crpm-fm48-chj7
References: Blast Radius: 0.0

Affected Packages

npm:resquel
Dependent packages: 1
Dependent repositories: 2
Downloads: 21 last month
Affected Version Ranges: >= 0
No known fixed version
All affected versions: 0.0.1, 0.0.2, 0.1.0, 0.2.0, 0.3.0, 1.0.0