Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm sequelize Security Advisories

Browse all Security Advisories for npm sequelize

Loading...
Critical
GSA_kwCzR0hTQS1mNTk4LW1mcHYtZ21meM4AAxzf
Sequelize - Default support for “raw attributes” when using parentheses
Ecosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS12cWZ4LWdqOTYtM3c5Nc4AAxyK
Unsafe fall-through in getWhereConditions
Ecosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS13cmg5LWNqdjMtMmhwd84AAxxu
Sequelize vulnerable to SQL Injection via replacements
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04YzI1LWYzbWotdjZoOM4AAxqp
Sequelize information disclosure vulnerability
Ecosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3NHAtMzZqOS1ycmoz
Denial of Service in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2OWgtcTNnai1jMzJ4
SQL Injection via GeoJSON in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1OTgtMmY1OS1ybWhx
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo5eHAtOTJ2Yy01NTlq
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05anctMjM3ci1ndmZ2
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdmcDktdnI0ai1mNDlq
NoSQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3NzctMnZxOC1jNHY0
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk4cHEtcG13OS00Z3Bt
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ2N3EtMnhxeC1mNHE1
Potential SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgyamMtcHdmai1oOXAz
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTljMnAtanc4cC1mODR2
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhxZzgtY3YzaC14cHB2
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Statistics
Advisories: 20,851
Packages: 9,120
Repositories: 1
Ecosystems: 12
Filter by Package
parse-server 31 directus 28 electron 26 @openzeppelin/contracts-upgradeable 21 @openzeppelin/contracts 20 next 18 tinymce 16 sequelize 16 ghost 15 ckeditor4 15 swagger-ui 14 joplin 14 undici 13 angular 13 strapi 13 vm2 12 nodebb 12 bootstrap 11 marked 11 TinyMCE 11 tinymce/tinymce 11 handlebars 11 flowise 11 matrix-js-sdk 11 nocodb 10 @evershop/evershop 9 org.webjars:bootstrap 9 twbs/bootstrap 9 bootstrap 9 bootstrap 9 next-auth 9 @strapi/strapi 9 serve 9 matrix-react-sdk 9 systeminformation 8 matrix-appservice-irc 8 org.webjars.npm:jquery 8 node-forge 8 jquery 8 jquery-rails 8 validator 8 tar 8 express-cart 8 npm 8 editor.md 8 steal 8 url-parse 8 jsrsasign 8 urijs 8 dompurify 7 total.js 7 bootstrap-sass 7 jQuery 7 bootstrap.sass 7 elliptic 7 uptime-kuma 7 jquery-ui 7 org.webjars.npm:jquery-ui 7 jQuery.UI.Combined 7 jquery-ui-rails 7 hermes-engine 7 shescape 7 snyk-broker 7 hapi 7 lodash 7 vite 7 sanitize-html 7 @strapi/plugin-users-permissions 6 rsshub 6 bootstrap-sass 6 parse-url 6 aaptjs 6 safe-eval 6 mongoose 6 axios 5 express 5 xlsx 5 ejs 5 keystone 5 vditor 5 total4 5 lodash-es 5 ua-parser-js 5 prismjs 5 sweetalert2 5 rendertron 5 dojo 5 public 5 @sveltejs/kit 5 mermaid 5 ws 5 openpgp 5 @saltcorn/server 5 mattermost-desktop 5 @lobehub/chat 5 yarn 5 mysql2 5 auth0-lock 4 moment 4 vega 4 safer-eval 4 jsonwebtoken 4 muhammara 4 fastify 4 remarkable 4 hono 4 @directus/api 4 follow-redirects 4 hummus 4 materialize-css 4 aws-iot-device-sdk-v2 4 awsiotsdk 4 meshcentral 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 glance 4 engine.io 4 qs 4 @keystone-6/core 4 @backstage/plugin-scaffolder-backend 4 fast-xml-parser 4 convert-svg-core 4 generator-jhipster 4 lunary 4 realms-shim 4 ecstatic 4 simple-git 4 mongo-express 4 simple-markdown 4 valine 4 apollo-server-core 4 auth0-js 4 apostrophe 4 katex 4 node-ipc 3 bson 3 http-live-simulator 3 mysql 3 notevil 3 libxmljs 3 xdLocalStorage 3 @sequelize/core 3 localhost-now 3 connect 3 llhttp 3 node-red-dashboard 3 agnai 3 jquery-validation 3 sails 3 docsify 3 node-jose 3 m-server 3 ids-enterprise 3 keycloak-connect 3 yapi-vendor 3 @backstage/techdocs-common 3 ftp-srv 3 browserify-shim 3 nuxt 3 apollo-server 3 @uppy/companion 3 slp-validate 3 angular-expressions 3 node-fetch 3 highcharts 3 send 3 json-pointer 3 subtext 3 org.webjars.npm:xlsx 3 xmldom 3 stimulsoft-dashboards-js 3 jointjs 3 @frangoteam/fuxa 3 buttle 3 ses 3 passport-wsfed-saml2 3 grunt 3 @vrite/sdk 3 renovate 3 @jmondi/url-to-png 3 wrangler 3 jspdf 3 dns-sync 3 @strapi/utils 3 jose-node-esm-runtime 3 jose-node-cjs-runtime 3 nodemailer 3 trix 3 jose 3 ag-grid-community 3 code-server 3 lodash.defaultsdeep 3 simplehttpserver 3 feathers-sequelize 3 raneto 3 object-path 3 n8n 3 mathjs 3 express-fileupload 3 socket.io-parser 3 fuxa-server 3