CVE-2020-8158: SQL Injection

September 18, 2020 (updated September 29, 2020)

Prototype pollution vulnerability in the TypeORM package may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.

References

nvd.nist.gov/vuln/detail/CVE-2020-8158

Code Behaviors & Features

Detect and mitigate CVE-2020-8158 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →