Количество 2
Количество 2
CVE-2025-32020
The crud-query-parser library parses query parameters from HTTP requests and converts them to database queries. Improper neutralization of the order/sort parameter in the TypeORM adapter, which allows SQL injection. You are impacted by this vulnerability if you are using the TypeORM adapter, ordering is enabled and you have not set-up a property filter. This vulnerability is fixed in 0.1.0.
GHSA-9r25-rp3p-h2w4
crud-query-parser SQL Injection vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-32020 The crud-query-parser library parses query parameters from HTTP requests and converts them to database queries. Improper neutralization of the order/sort parameter in the TypeORM adapter, which allows SQL injection. You are impacted by this vulnerability if you are using the TypeORM adapter, ordering is enabled and you have not set-up a property filter. This vulnerability is fixed in 0.1.0. | 0% Низкий | 10 месяцев назад | |
| GHSA-9r25-rp3p-h2w4 crud-query-parser SQL Injection vulnerability | 0% Низкий | 10 месяцев назад |
Уязвимостей на страницу