Typeorm · Typeorm · CVE-2022-33171
**Name of the Vulnerable Software and Affected Versions**
TypeORM versions prior to 0.3.0
**Description**
The `findOne` function in TypeORM accepts either a string (an entity id) or a `FindOneOptions` object. When the argument comes from a user-controlled parsed JSON object, supplying a crafted `FindOneOptions` object in place of the id string leads to SQL injection. The vendor's position is that input validation is the responsibility of the user's application.
**Recommendations**
For TypeORM versions prior to 0.3.0, validate the argument passed to `findOne` to prevent SQL injection. As a temporary workaround, check that the value is a string, or a properly formatted `FindOneOptions` object that the application itself constructed, before it is passed to `findOne`. At the moment, there is no information about a newer version that contains a fix for this vulnerability.