ReportizFlow
Filtered by vendor Knexjs
Subscriptions
Filtered by product Knex
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10757 | 1 Knexjs | 1 Knex | 2024-11-21 | 9.8 Critical |
| knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB. | ||||
| CVE-2016-20018 | 1 Knexjs | 1 Knex | 2024-11-21 | 7.5 High |
| Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. | ||||
Page 1 of 1.