Filtered by vendor Knexjs
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-10757 | 1 Knexjs | 1 Knex | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB. | |||||
| CVE-2016-20018 | 1 Knexjs | 1 Knex | 2024-11-21 | N/A | 7.5 HIGH |
| Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. | |||||