PT-2022-7852 · Knex.Js · Knex.Js
Thething
·
Published
2022-12-19
·
Updated
2023-11-23
·
CVE-2016-20018
CVSS v3.1
7.5
7.5
High
| Base vector | Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Knex.js versions through 2.3.0
Description:
The issue is a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. This vulnerability has been fixed in version 2.4.0. Users of a12nserver that use MySQL might be vulnerable to SQL injection bugs, which could let an attacker obtain OAuth2 Access Tokens for unrelated users.
Recommendations:
For versions through 2.3.0, update to version 2.4.0 to resolve the issue.
As a temporary workaround, consider restricting access to MySQL queries to minimize the risk of exploitation.
Exploit
Fix
SQL injection
Weakness Enumeration
Related Identifiers
CVE-2016-20018
GHSA-4JV9-3563-23J3
GHSA-CRHG-XGRG-VVCC
Affected Products
Knex.Js
References · 15
- 🔥 https://github.com/knex/knex/issues/1227⭐ 19417 🔗 2133 · Exploit
- 🔥 https://ghostccamm.com/blog/knex_sqli · Exploit
- https://osv.dev/vulnerability/GHSA-crhg-xgrg-vvcc · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2016-20018 · Security Note
- https://osv.dev/vulnerability/CVE-2016-20018 · Vendor Advisory
- https://osv.dev/vulnerability/GHSA-4jv9-3563-23j3 · Vendor Advisory
- https://github.com/knex/knex/commit/e145322da92749be7749f9ade5b5f5a66d6586a4⭐ 19412 🔗 2132 · Note
- https://github.com/knex/knex/releases/tag/2.4.0⭐ 19412 🔗 2132 · Note
- https://github.com/knex/knex⭐ 19412 🔗 2132 · Note
- https://github.com/knex/knex/pull/5417⭐ 19412 🔗 2132 · Note
- https://github.com/curveball/a12n-server/security/advisories/GHSA-crhg-xgrg-vvcc⭐ 455 🔗 49 · Note
- https://github.com/curveball/a12n-server⭐ 455 🔗 49 · Note
- https://github.com/curveball/a12n-server/releases/tag/v0.23.0⭐ 455 🔗 49 · Note
- https://github.com/curveball/a12n-server/commit/f4acd7549043e6e2b8917b77a50dce0756a922cc⭐ 455 🔗 49 · Note
- https://t.me/cvenotify/40140 · Telegram Post