PT-2020-19993 · Typeorm · Typeorm

Phra

·

Published

2020-09-18

·

Updated

2022-08-05

·

CVE-2020-8158

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions TypeORM versions prior to 0.2.25
Description The issue allows attackers to add or modify Object properties, potentially leading to denial of service or SQL injection attacks.
Recommendations For versions prior to 0.2.25, update to version 0.2.25 or later to resolve the issue.

Exploit

Fix

Prototype Pollution

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-1321CWE-471

Related Identifiers

CVE-2020-8158
GHSA-PF2J-9QMP-JQR2

Affected Products

Typeorm