Vulnerabilities > Typeorm

DATE CVE VULNERABILITY TITLE RISK
2022-07-04 CVE-2022-33171 SQL Injection vulnerability in Typeorm
The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object.
network
low complexity
typeorm CWE-89
critical
9.8
2020-09-18 CVE-2020-8158 Unspecified vulnerability in Typeorm
Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
network
low complexity
typeorm
critical
9.8