pkg:npm/kysely

共 4 筆 CVEHIGH4

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.2CVE-2026-32763SQL Injection via unsanitized JSON path keys when ignoring/silencing compilation errors or using `Kysely<any>`.
    >= 0.26.0, < 0.28.12
  • HIGH8.1CVE-2026-33468Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or similar methods that append string literal values into the compiled SQL strings
    from 0, < 0.28.14
  • HIGH8.1CVE-2026-33442Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path keys.
    >= 0.28.12, < 0.28.14
  • HIGH7.5CVE-2026-44635Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in `JSONPathBuilder.key()` / `.at()`
    >= 0.26.0, < 0.28.17