CVE-2020-8158

TypeORM vulnerable to MAID and Prototype Pollution

Description

Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

JavaScript

Publish Date

May 7, 2021

Modified Date

November 7, 2023

Score Vector

Affected Versions