Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://hackerone.com/reports/869574 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2020-09-18T20:12:16
Updated: 2024-08-04T09:48:25.595Z
Reserved: 2020-01-28T00:00:00
Link: CVE-2020-8158
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-09-18T21:15:12.747
Modified: 2022-08-05T19:31:00.747
Link: CVE-2020-8158
Redhat
No data.