VulnerableCode Package Details - pkg:npm/typeorm@0.1.5

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/typeorm@0.1.5

Essentials
History (4)

purl	pkg:npm/typeorm@0.1.5

Next non-vulnerable version	0.3.26
Latest non-vulnerable version	0.3.26
Risk	4.5

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-1cjj-ebrm-cbg8 Aliases: CVE-2020-8158 GHSA-pf2j-9qmp-jqr2		0.2.25 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-96eu-9ct8-nbgw Aliases: GHSA-w7q7-vjp8-7jv4 GMS-2019-144	SQL Injection in typeorm	0.1.15 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-gkdv-kyj1-nffy Aliases: CVE-2025-60542 GHSA-q2pj-6v73-8rgj	SQL Injection vulnerability in TypeORM before 0.3.26 via crafted request to repository.save or repository.update due to the sqlstring call using stringifyObjects default to false.	0.3.26 Affected by 0 other vulnerabilities.
VCID-pwfe-mn6j-hycw Aliases: CVE-2022-33171 GHSA-fx4w-v43j-vc45	The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to SQL injection. NOTE: the vendor's position is that the user's application is responsible for input validation	0.3.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T20:27:54.738905+00:00	GitLab Importer	Affected by	VCID-gkdv-kyj1-nffy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/typeorm/CVE-2025-60542.yml	38.6.0
2026-06-12T18:27:30.857295+00:00	GitLab Importer	Affected by	VCID-pwfe-mn6j-hycw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/typeorm/CVE-2022-33171.yml	38.6.0
2026-06-12T17:27:51.060553+00:00	GitLab Importer	Affected by	VCID-1cjj-ebrm-cbg8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/typeorm/CVE-2020-8158.yml	38.6.0
2026-06-12T17:12:01.563806+00:00	GitLab Importer	Affected by	VCID-96eu-9ct8-nbgw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/typeorm/GHSA-w7q7-vjp8-7jv4.yml	38.6.0