| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| @sequelize/core | npm | < 7.0.0-alpha.20 | 7.0.0-alpha.20 |

The advisory's title and description name `getWhereConditions` as the vulnerable function. This function processes the WHERE clause conditions of Sequelize queries. The type confusion (CWE-843) occurs when untrusted input passes through it without proper validation, which allows attackers to inject query logic. No patch code is shown, but the withdrawn advisory's explicit reference to the function name, together with the CWE-843 type-confusion pattern, strongly indicates that this is the primary vulnerable entry point for runtime detection.
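
An application-side guard for the failure mode described above, as an added example that is not part of the advisory or Sequelize's own code: it rejects any filter value whose runtime type differs from the expected primitive before the filter is handed to a query's WHERE conditions. `SCHEMA`, `buildWhere`, `inspectFilter` and the sample inputs are hypothetical names and constructed data.

```javascript
// Added example: allow-list validation for values headed into a WHERE clause.
// SCHEMA, buildWhere and inspectFilter are hypothetical, not Sequelize APIs.

// Expected primitive type for each filterable column (assumed application schema).
const SCHEMA = { id: 'number', email: 'string', active: 'boolean' };

class WhereTypeError extends Error {
  constructor(key, expected, value) {
    const kind = Array.isArray(value) ? 'array' : value === null ? 'null' : typeof value;
    super(`where.${key}: expected ${expected ?? 'no such column'}, got ${kind}`);
    this.name = 'WhereTypeError';
    this.key = key;
    this.kind = kind;
  }
}

// Returns a fresh, prototype-less object holding only allow-listed string keys
// whose values have exactly the expected primitive type. Unknown keys, objects,
// arrays, null and non-finite numbers throw, so they never reach the query layer.
function buildWhere(untrusted, schema = SCHEMA) {
  if (untrusted === null || typeof untrusted !== 'object' || Array.isArray(untrusted)) {
    throw new TypeError('filter must be a plain object');
  }
  const where = Object.create(null);
  for (const key of Object.keys(untrusted)) {
    const value = untrusted[key];
    const known = Object.prototype.hasOwnProperty.call(schema, key);
    const expected = known ? schema[key] : undefined;
    if (!known || typeof value !== expected) throw new WhereTypeError(key, expected, value);
    if (expected === 'number' && !Number.isFinite(value)) throw new WhereTypeError(key, expected, value);
    where[key] = value;
  }
  return where;
}

// Runtime-detection helper: classify a filter without throwing, so a rejected
// request can be logged with the reason instead of reaching the database.
function inspectFilter(untrusted, schema = SCHEMA) {
  try {
    return { ok: true, where: buildWhere(untrusted, schema) };
  } catch (err) {
    return { ok: false, reason: err.message };
  }
}
```

Logging the `reason` from `inspectFilter` at the request boundary gives a detection signal for type-confused filters that is independent of the installed ORM version.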