What the vulnerability does

01Description

Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.

Key dates

02Disclosure timeline

September 18, 2020 CVE published
August 4, 2024 Record updated