EPSS
Percentile
61.1%
sequelize is vulnerable to SQL injection. The vulnerability exists due to improper escaping of values in the sequelize.json() helper function when formatting sub paths for JSON queries for MySQL, MariaDB and SQLite.
sequelize.json()
github.com/sequelize/sequelize/commit/9bd0bc1,
github.com/sequelize/sequelize/commit/9bd0bc111b6f502223edf7e902680f7cc2ed541e
github.com/sequelize/sequelize/pull/11329