VYPR

npm package

loopback-connector-postgresql

pkg:npm/loopback-connector-postgresql

Vulnerabilities (1)

  • CVE-2022-35942CriAug 12, 2022
    affected < 5.5.1fixed 5.5.1

    Improper input validation on the `contains` LoopBack filter may allow for arbitrary SQL injection. When the extended filter property `contains` is permitted to be interpreted by the Postgres connector, it is possible to inject arbitrary SQL which may affect the confidentiality an