You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Sensitive Data Exposure in sequelize-cli
Low severity
GitHub Reviewed
Published
Jun 5, 2019
to the GitHub Advisory Database
•
Updated Jan 9, 2023
Versions of sequelize-cli prior to 5.5.0 are vulnerable to Sensitive Data Exposure. The function filteredURL() does not properly sanitize the config.password value which may cause passwords with special characters to be logged in plain text.
Versions of
sequelize-cli
prior to 5.5.0 are vulnerable to Sensitive Data Exposure. The functionfilteredURL()
does not properly sanitize theconfig.password
value which may cause passwords with special characters to be logged in plain text.Recommendation
Upgrade to version 5.5.0 or later.
References