Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
References
Link | Resource |
---|---|
https://hackerone.com/reports/869574 | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2020-09-18T20:12:16
Updated: 2020-09-18T20:12:16
Reserved: 2020-01-28T00:00:00
Link: CVE-2020-8158
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-18T21:15:12.747
Modified: 2022-08-05T19:31:00.747
Link: CVE-2020-8158
JSON object: View
Redhat Information
No data.