brianc / node-sql

SQL generation for node.js
MIT License
1.05k stars 191 forks

Security vulnerability in node-sql #395

Open bteng22 opened 6 years ago

bteng22 commented 6 years ago

Medium severity vulnerability found on sql@0.78.0 according to Snyk: https://snyk.io/vuln/npm:sql:20180512

The report: https://hackerone.com/reports/319465

spion-h4 commented 6 years ago

If anyone is interested, we made a patch at https://github.com/TokyoFarmer/node-sql-2

It works with PostgreSQL, but we've not tested if all other databases will behave correctly.

danielmcq commented 5 years ago

This is being reported when running npm audit now as well. They list it at https://nodesecurity.io/advisories/662.