CVE-2016-10554

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escaping.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sequelizejs:sequelize:1.7.0:alpha1:*:*:*:node.js:*:*
cpe:2.3:a:sequelizejs:sequelize:1.7.0:alpha2:*:*:*:node.js:*:*
cpe:2.3:a:sequelizejs:sequelize:*:*:*:*:*:node.js:*:*

Information

Published : 2018-05-31 13:29

Updated : 2019-10-09 16:16


NVD link : CVE-2016-10554

Mitre link : CVE-2016-10554


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

sequelizejs

  • sequelize