Watermelondb
1 CVEs
product
Monthly
In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.
Node.js
SQLi
Apple
Watermelondb
NVD
GitHub
CVSS 3.1
5.9
EPSS
0.8%
CVE-2020-4035
npm
EPSS 1%
CVSS 5.9
MEDIUM
PATCH
This Month
In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.
Node.js
SQLi
Apple
+1
NVD
GitHub