CVE-2016-20018

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-20018
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-20018.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-20018
Aliases
Published
2022-12-19T09:15:09Z
Modified
2025-01-08T03:53:45.590715Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query.

References

Affected packages

Git / github.com/knex/knex

Affected ranges

Type
GIT
Repo
https://github.com/knex/knex
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

Other

0,14,2

0.*

0.1.0
0.1.1
0.1.2
0.1.3
0.1.4
0.1.5
0.1.6
0.1.7
0.1.8
0.10.0
0.10.0-rc1
0.11.0
0.11.1
0.11.10
0.11.2
0.11.3
0.11.4
0.11.5
0.11.6
0.11.7
0.11.8
0.11.9
0.12.0
0.12.1
0.12.2
0.12.4
0.12.5
0.12.6
0.12.8
0.12.9
0.13.0
0.14.1
0.14.3
0.14.4
0.14.5
0.14.6
0.15.0
0.15.2
0.16.0
0.16.1
0.16.3
0.16.4
0.16.5
0.16.6
0.16.7
0.17.0
0.17.2
0.18.4
0.19.0
0.19.3
0.19.5
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.2.6
0.20.0
0.20.1
0.20.11
0.20.2
0.20.4
0.20.6
0.21.0
0.21.1
0.21.10
0.21.13
0.21.14
0.21.15
0.21.2
0.21.3
0.21.5
0.21.9
0.4.0
0.4.1
0.4.10
0.4.11
0.4.12
0.4.13
0.4.2
0.4.3
0.4.4
0.4.5
0.4.6
0.4.7
0.4.8
0.4.9
0.5.0
0.5.1
0.5.10
0.5.11
0.5.12
0.5.13
0.5.14
0.5.15
0.5.2
0.5.3
0.5.4
0.5.5
0.5.6
0.5.8
0.5.9
0.6.0
0.6.1
0.6.10
0.6.11
0.6.12
0.6.13
0.6.14
0.6.15
0.6.16
0.6.17
0.6.18
0.6.19
0.6.2
0.6.20
0.6.21
0.6.22
0.6.3
0.6.4
0.6.5
0.6.6
0.6.7
0.6.8
0.6.9
0.7.0
0.7.1
0.7.2
0.7.3
0.8.0
0.8.1
0.8.2
0.8.3
0.8.4
0.8.5
0.8.6
0.9.0
0.95.0
0.95.10
0.95.11
0.95.12
0.95.14
0.95.2
0.95.3
0.95.5
0.95.8

016.*

016.5

1.*

1.0.0
1.0.1
1.0.3
1.0.4
1.0.5
1.0.7

2.*

2.0.0
2.1.0
2.2.0
2.3.0

v0.*

v0.15.1
v0.16.2