CVE-2022-29822 CRITICAL

CVE-2022-29822: Feathers - Improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection

Vendor Feather Js
Product Feathers-Sequalize
Weakness CWE-89 · SQLi
Published October 25, 2022
Last update March 11, 2025

CVSS base score

10.0/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection

Key dates

02Disclosure timeline

October 25, 2022 CVE published
March 11, 2025 Record updated