CVE-2022-33171
N/A
N/A
Summary
The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to SQL injection. NOTE: the vendor's position is that the user's application is responsible for input validation
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://github.com/typeorm/typeorm/compare/0.2.45…0.3.0
- https://seclists.org/fulldisclosure/2022/Jun/51
- http://seclists.org/fulldisclosure/2022/Aug/7
- http://packetstormsecurity.com/files/168096/TypeORM-0.3.7-Information-Disclosure.html
References
- https://github.com/typeorm/typeorm/compare/0.2.45…0.3.0
- https://seclists.org/fulldisclosure/2022/Jun/51
- http://seclists.org/fulldisclosure/2022/Aug/7
- http://packetstormsecurity.com/files/168096/TypeORM-0.3.7-Information-Disclosure.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.