waterline-sequel@0.2.0 vulnerabilities

A helper library for generating SQL queries from the Waterline Query Language.

Direct Vulnerabilities

Known vulnerabilities in the waterline-sequel package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability: SQL Injection (severity: H)
Vulnerable Version: <0.5.1

'waterline-sequel' is a helper library for generating SQL queries from the Waterline Query Language.

waterline-sequel version 0.5.0 is vulnerable to SQL Injection via like, contains, startsWith or endsWith methods.

How to fix SQL Injection?

Upgrade waterline-sequel to version 0.5.1 or greater