Liran Tal Snyk

Sequelize ORM found vulnerable to SQL injection

SQL injection is a serious vulnerability, effectively allowing an attacker to run roughshod over your entire database. If you’re using Sequelize, drop everything (pun unintended) and get patched up.

As a testament to Sequelize’s commitment to security and protecting their users as fast as possible, they promptly responded and released fixes in the 3.x and 5.x branches of the library, remediating the vulnerability and providing users with an upgrade path for SQL injection prevention.

