Skip to main content

Watermelondb

1 CVEs product

Monthly

CVE-2020-4035 npm MEDIUM PATCH This Month

In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Node.js SQLi Apple Watermelondb
NVD GitHub
CVSS 3.1
5.9
EPSS
0.8%
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Node.js SQLi Apple +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy