{
  "threat_severity" : "Important",
  "public_date" : "2025-10-29T00:00:00Z",
  "bugzilla" : {
    "description" : "TypeORM: SQL Injection via crafted request to repository.save or repository.update",
    "id" : "2407114",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2407114"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.2",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-89",
  "details" : [ "SQL Injection vulnerability in TypeORM before 0.3.26 via a crafted request to repository.save or repository.update, because the sqlstring call relies on the stringifyObjects default of false.", "A flaw was found in TypeORM. When used with the MySQL/mysql2 drivers, the repository.save or repository.update methods incorrectly handle nested JSON objects. This is due to an underlying setting (stringifyObjects: false) that allows an attacker to craft a malicious JSON payload and cause a SQL injection, leading to a bypass of field-level restrictions, modification of database columns and potentially privilege escalation." ],
  "statement" : "An attacker able to send a specially crafted JSON payload to an application that uses the repository.save or repository.update methods can exploit this vulnerability. Additionally, the stringifyObjects option used by TypeORM is set to false by default, increasing the exposure of this issue. For these reasons, this flaw has been rated with Important severity.",
  "affected_release" : [ {
    "product_name" : "Red Hat Developer Hub 1.7",
    "release_date" : "2025-12-01T00:00:00Z",
    "advisory" : "RHSA-2025:22404",
    "cpe" : "cpe:/a:redhat:rhdh:1.7::el9",
    "package" : "rhdh/rhdh-hub-rhel9:sha256:bedacfa68d74fce1e9efe3a3fdb18963f4e648d7ab6ccf34b868d62d9f25304a"
  }, {
    "product_name" : "Red Hat Developer Hub 1.8",
    "release_date" : "2025-12-08T00:00:00Z",
    "advisory" : "RHSA-2025:22861",
    "cpe" : "cpe:/a:redhat:rhdh:1.8::el9",
    "package" : "rhdh/rhdh-hub-rhel9:sha256:27d08ffa1bc6a2270b5eab59aedaf866cf68ccb902503c2e58e2e2337a1236b9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-60542\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-60542\nhttps://github.com/typeorm/typeorm/pull/11574\nhttps://github.com/typeorm/typeorm/releases/tag/0.3.26\nhttps://github.com/typeorm/typeorm/releases?q=security&expanded=true\nhttps://medium.com/@alizada.cavad/cve-2025-60542-typeorm-mysql-sqli-0-3-25-a1b32bc60453" ],
  "name" : "CVE-2025-60542",
  "mitigation" : {
    "value" : "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
    "lang" : "en:us"
  },
  "csaw" : false
}