CVE-2016-1000225
CRITICAL 9.8 · SQL Injection via GeoJSON in sequelize
Published: 2020/9/1 · Modified: 2023/11/8
Description
Affected versions of `sequelize` are vulnerable to SQL injection in models that have fields with the `GEOMETRY` data type. The cause is that single quotes in the document value are not escaped when the value is interpolated into the SQL for GeoJSON documents rendered with `ST_GeomFromGeoJSON`, or for MySQL GeoJSON documents rendered with `GeomFromText`. A single quote inside a user-controlled GeoJSON value therefore terminates the SQL string literal, and whatever follows it in the value is parsed as SQL.
Recommendation
Update to version 3.23.6 or later.
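As an added illustration, not code from the sequelize project or from this advisory: a JavaScript model of the vulnerable GEOMETRY stringifier on the PostGIS path, a hardened version that quotes the JSON as a proper SQL literal, and a small check that counts statement terminators sitting outside string literals. The function names, the escaping helper and the hostile GeoJSON document are assumptions constructed for this example; the escaping shown is PostgreSQL-style quote doubling and does not cover the MySQL `GeomFromText` path, whose literal rules (backslash escapes) differ, so the real fix remains upgrading to 3.23.6 or later.

```javascript
// Added example, not sequelize code. Models how a GEOMETRY value reaches the
// SQL text on the PostGIS path and why an unescaped quote is exploitable.

// PostgreSQL-style literal quoting (standard_conforming_strings on):
// double every single quote and wrap the whole value in quotes.
function escapeSqlLiteral(text) {
  return "'" + String(text).replace(/'/g, "''") + "'";
}

// Vulnerable shape (mirrors the reported bug, names are assumed): the JSON
// document is dropped straight into a quoted literal. JSON.stringify only
// escapes double quotes and backslashes, so a single quote passes through.
function buildGeomCallVulnerable(geojson) {
  return "ST_GeomFromGeoJSON('" + JSON.stringify(geojson) + "')";
}

// Hardened shape: the JSON text is treated as a literal and escaped.
function buildGeomCallFixed(geojson) {
  return 'ST_GeomFromGeoJSON(' + escapeSqlLiteral(JSON.stringify(geojson)) + ')';
}

// Crude injection check: walk the SQL, track single-quoted literals ('' is an
// escaped quote inside one), skip "--" line comments, and count semicolons
// that fall outside any literal. Returns -1 for an unterminated literal.
function countTopLevelSemicolons(sql) {
  let inLiteral = false;
  let count = 0;
  for (let i = 0; i < sql.length; i++) {
    const ch = sql[i];
    if (inLiteral) {
      if (ch === "'") {
        if (sql[i + 1] === "'") { i++; } else { inLiteral = false; }
      }
      continue;
    }
    if (ch === "'") { inLiteral = true; continue; }
    if (ch === '-' && sql[i + 1] === '-') {
      const nl = sql.indexOf('\n', i);   // comment runs to end of line
      if (nl < 0) break;
      i = nl;
      continue;
    }
    if (ch === ';') count++;
  }
  return inLiteral ? -1 : count;
}

// Constructed hostile GeoJSON: a valid-looking Point whose crs name carries a
// single quote, a ')' to close the function call, extra statements, and a
// trailing comment marker to swallow the rest of the generated SQL.
const hostilePoint = {
  type: 'Point',
  coordinates: [121.5, 25.0],
  crs: { type: 'name', properties: { name: "'); DELETE FROM users; --" } },
};

// Constructed benign GeoJSON for comparison.
const benignPoint = { type: 'Point', coordinates: [121.5, 25.0] };

// true when the generated SQL no longer consists of exactly one statement
function looksInjected(sql) {
  return countTopLevelSemicolons(sql) !== 0;
}

console.log('vulnerable:', buildGeomCallVulnerable(hostilePoint));
console.log('fixed:     ', buildGeomCallFixed(hostilePoint));
```

With the hostile document the vulnerable builder yields SQL in which two semicolons sit outside any literal (the `DELETE` and the closing of the original call), while the fixed builder keeps the entire document inside one literal because the embedded quote is doubled to `''`; for the benign document both builders produce a single clean statement.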
Affected packages (1)
- npm/sequelize >= 3.4.0, < 3.23.6
CVSS score
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References (10)
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2016-1000225
- PATCH: https://github.com/sequelize/sequelize
- WEB: https://github.com/sequelize/sequelize/commit/14e3deaf3ad27f12900e5275db1d448844c9de3e
- WEB: https://github.com/sequelize/sequelize/commit/18ac91040d9c57351d26ba998f460e214255b704
- WEB: https://github.com/sequelize/sequelize/commit/562d52585902090f4e53eb21c61314098c29d795
- WEB: https://github.com/sequelize/sequelize/commit/f93af43a1d86400487f5e3d9762f1a4b7cf6b1e1
- WEB: https://github.com/sequelize/sequelize/issues/6194
- WEB: https://github.com/sequelize/sequelize/pull/6302
- WEB: https://github.com/sequelize/sequelize/pull/6306
- WEB: https://snyk.io/vuln/npm:sequelize:20160718