CVE-2023-6293
HIGH EPSS 43.8%
Published Nov 24, 20232y ago ยท Modified Jun 17, 20262w ago
7.1 CVSS 3.1
Published Nov 24, 2023 2y ago
Last Modified Jun 17, 2026 2w ago
Description
Prototype Pollution in GitHub repository robinbuschmann/sequelize-typescript prior to 2.1.6.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
43.8% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-1321
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| sequelizejs | sequelize-typescript | * | <2.1.6 |
References 2
- github.com https://github.com/robinbuschmann/sequelize-typescript/commit/5ce8afdd1671b08c774ce106b000605ba8fccf78
- huntr.com https://huntr.com/bounties/36a7ecbf-4d3d-462e-86a3-cda7b1ec64e2
Remediation
- github.com https://github.com/robinbuschmann/sequelize-typescript/commit/5ce8afdd1671b08c774ce106b000605ba8fccf78
- huntr.com https://huntr.com/bounties/36a7ecbf-4d3d-462e-86a3-cda7b1ec64e2