Description
Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
Remediation
References
https://hackerone.com/reports/869574
Related Vulnerabilities
CVE-2021-23439 Vulnerability in npm package file-upload-with-preview
CVE-2021-23371 Vulnerability in npm package chrono-node
CVE-2017-16110 Vulnerability in npm package weather.swlyons
CVE-2022-2564 Vulnerability in npm package mongoose
CVE-2020-15500 Vulnerability in maven package org.webjars.npm:tileserver-gl