CVE-2025-60542: TypeORM vulnerable to SQL injection via crafted request to repository.save or repository.update
SQL injection vulnerability in TypeORM before 0.3.26, reachable through a crafted request to repository.save or repository.update: values were passed to sqlstring's escape routine with stringifyObjects left at its default of false, so an object-shaped value is expanded into SQL rather than escaped as a single literal.
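As an added illustration (not code from TypeORM, sqlstring or the advisory), the following Node.js snippet shows two defender-side checks that follow from the description above: a version check against the fixed release 0.3.26, and an input guard that rejects object- or array-shaped column values before a request body is handed to repository.save or repository.update. The function names (guardColumnValues, isAffectedTypeormVersion), the column allow-list and the sample request bodies are assumptions constructed for this example.

```javascript
// Added example, not TypeORM's or sqlstring's own code.
// Two defensive checks for CVE-2025-60542:
//   1. isAffectedTypeormVersion: is the resolved TypeORM version < 0.3.26?
//   2. guardColumnValues: fail closed on non-scalar column values before
//      a parsed request body reaches repository.save / repository.update.

// Fixed release stated in the advisory.
const FIXED_VERSION = [0, 3, 26];

// Compares a version string against 0.3.26. Feed it the version resolved in
// the lockfile, not a range such as "^0.3.25", which may already resolve
// to the fixed release. Returns null when the string cannot be parsed.
function isAffectedTypeormVersion(version) {
  const m = /^[\^~=v]*(\d+)\.(\d+)\.(\d+)/.exec(String(version).trim());
  if (!m) return null;
  const parts = m.slice(1, 4).map(Number);
  for (let i = 0; i < 3; i++) {
    if (parts[i] !== FIXED_VERSION[i]) return parts[i] < FIXED_VERSION[i];
  }
  return false; // exactly the fixed version
}

// Constructed allow-list of columns a request may set (assumption).
const ALLOWED_COLUMNS = new Set(["id", "email", "displayName", "active"]);

// True only for values an escaper serialises as one literal: strings,
// finite numbers, booleans, null, valid Dates and Buffers. Plain objects
// and arrays are rejected because they are expanded structurally.
function isScalar(value) {
  if (value === null) return true;
  const t = typeof value;
  if (t === "string" || t === "boolean") return true;
  if (t === "number") return Number.isFinite(value);
  if (value instanceof Date) return !Number.isNaN(value.getTime());
  if (Buffer.isBuffer(value)) return true;
  return false;
}

// Validates a payload destined for repository.save/update.
// Returns { ok, errors } so the caller can answer 400 instead of passing
// an object-shaped value through to the driver.
function guardColumnValues(payload, allowed = ALLOWED_COLUMNS) {
  if (payload === null || typeof payload !== "object" || Array.isArray(payload)) {
    return { ok: false, errors: ["payload must be a plain object"] };
  }
  const errors = [];
  for (const [key, value] of Object.entries(payload)) {
    if (!allowed.has(key)) {
      errors.push(`unknown column: ${key}`);
    } else if (!isScalar(value)) {
      errors.push(`non-scalar value for column: ${key}`);
    }
  }
  return { ok: errors.length === 0, errors };
}

// Constructed sample request bodies (not taken from the advisory).
const sampleGood = { email: "alice@example.com", displayName: "Alice", active: true };
const sampleBad = { email: { nested: "not a scalar" }, role: "admin" };

console.log("0.3.25 affected:", isAffectedTypeormVersion("0.3.25")); // true
console.log("0.3.26 affected:", isAffectedTypeormVersion("0.3.26")); // false
console.log(guardColumnValues(sampleGood)); // { ok: true, errors: [] }
console.log(guardColumnValues(sampleBad));  // { ok: false, errors: [2 entries] }
```

The version check is a pre-upgrade triage helper; the guard remains useful after upgrading, since it enforces the shape your entities expect regardless of how the driver escapes values.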
References
- github.com/advisories/GHSA-q2pj-6v73-8rgj
- github.com/mysqljs/sqlstring/blob/cd528556b4b6bcf300c3db515026935dedf7cfa1/lib/SqlString.js
- github.com/sidorares/node-mysql2/blob/e359f454a76ba5dc31b91adf7bdb4099ca317bb5/lib/base/connection.js
- github.com/sidorares/node-mysql2/blob/e359f454a76ba5dc31b91adf7bdb4099ca317bb5/lib/connection_config.js
- github.com/typeorm/typeorm/blob/0.3.25/src/driver/mysql/MysqlConnectionOptions.ts
- github.com/typeorm/typeorm/commit/d57fe3bd8578b0b8f9847647fd046bccf825a7ef
- github.com/typeorm/typeorm/pull/11574
- github.com/typeorm/typeorm/releases/tag/0.3.26
- github.com/typeorm/typeorm/releases?q=security&expanded=true
- medium.com/@alizada.cavad/cve-2025-60542-typeorm-mysql-sqli-0-3-25-a1b32bc60453
- nvd.nist.gov/vuln/detail/CVE-2025-60542