CVE-2022-33171

Опубликовано: 04 июл. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to SQL injection. NOTE: the vendor's position is that the user's application is responsible for input validation

Ссылки

http://packetstormsecurity.com/files/168096/TypeORM-0.3.7-Information-Disclosure.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2022/Aug/7
Mailing List
Third Party Advisory
https://github.com/typeorm/typeorm/compare/0.2.45...0.3.0
Release Notes
Third Party Advisory
https://seclists.org/fulldisclosure/2022/Jun/51
Exploit
Mailing List
Third Party Advisory
http://packetstormsecurity.com/files/168096/TypeORM-0.3.7-Information-Disclosure.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2022/Aug/7
Mailing List
Third Party Advisory
https://github.com/typeorm/typeorm/compare/0.2.45...0.3.0
Release Notes
Third Party Advisory
https://seclists.org/fulldisclosure/2022/Jun/51
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:typeorm:typeorm:*:*:*:*:*:node.js:*:*

Версия до 0.3.0 (исключая)

EPSS

Процентиль: 90%

0.05988

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-fx4w-v43j-vc45