search

mei23 / misskey-v11

Mei v11 is a decentralized microblogging platform.
GNU Affero General Public License v3.0
37 stars 17 forks source link

TypeORM 0.3.0 #2523

Open mei23 opened 1 month ago

mei23 commented 1 month ago

Summary

CVE-2022-33171

ただし

NOTE: the vendor's position is that the user's application is responsible for input validation.

https://github.com/typeorm/typeorm/releases/tag/0.3.0

mei23 commented 1 month ago

とりあえずfindOne(id)だけ置換する?