Knex
1 CVEs
product
Monthly
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQLi
Knex
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2019-10757
npm
EPSS 1%
CVSS 9.8
CRITICAL
POC
PATCH
Act Now
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQLi
Knex
NVD