{
  "threat_severity" : "Important",
  "public_date" : "2026-03-10T20:22:46Z",
  "bugzilla" : {
    "description" : "sequelize: Sequelize: Data exfiltration via SQL injection in JSON/JSONB where clause processing",
    "id" : "2446250",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2446250"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-89",
  "details" : [ "Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The _traverseJSON() function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST(... AS <type>) SQL. An attacker who controls JSON object keys can inject arbitrary SQL and exfiltrate data from any table. This vulnerability is fixed in 6.37.8.", "A flaw was found in Sequelize, a Node.js Object-Relational Mapper (ORM) tool. A remote attacker can exploit a SQL injection vulnerability by manipulating JSON object keys during JSON/JSONB where clause processing. This allows for the injection of arbitrary SQL commands due to the improper handling of cast types. The primary consequence is the potential for unauthorized data exfiltration from any database table." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Satellite 6.18",
    "release_date" : "2026-04-16T00:00:00Z",
    "advisory" : "RHSA-2026:8498",
    "cpe" : "cpe:/a:redhat:satellite:6.18::el9",
    "package" : "satellite/iop-remediations-rhel9:1776194798"
  } ],
  "package_state" : [ {
    "product_name" : "Confidential Compute Attestation",
    "fix_state" : "Affected",
    "package_name" : "openshift-sandboxed-containers/osc-pccs",
    "cpe" : "cpe:/a:redhat:confidential_compute_attestation:1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "linux-sgx",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "linux-sgx",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-30951\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-30951\nhttps://github.com/sequelize/sequelize/security/advisories/GHSA-6457-6jrx-69cr" ],
  "name" : "CVE-2026-30951",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}