Typescript Nest Pg Sql Injection
Description
This detector identifies SQL injection vulnerabilities in NestJS applications using the 'pg' PostgreSQL library. It finds cases where unsanitized user input is passed directly to database query methods, allowing attackers to manipulate SQL queries and potentially access, modify, or delete unauthorized data.
Detection Strategy
• The file must import both the '@nestjs' framework (or its submodules) and the 'pg' PostgreSQL library
• A method call expression ending with '.query' is identified in the code
• The object calling the .query method must be traced back to a PostgreSQL client or pool creator from the 'pg' library
• The first argument passed to the .query method must contain unsanitized user input or dynamic content that could be manipulated by an attacker
• The query argument is analyzed to determine if it contains vulnerable SQL construction patterns rather than parameterized queries or proper sanitization
Vulnerable code example
import { Controller, Get, Query } from '@nestjs/common';
import { Client } from 'pg';
import { Pool } from 'pg';
const pool = new Pool();
@Controller('users')
export class UserController {...
Secure code example
import { Controller, Get, Query } from '@nestjs/common';
import { Client } from 'pg';
import { Pool } from 'pg';
const pool = new Pool();
@Controller('users')
export class UserController {...
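An added example, not taken from the original page or from Fluid Attacks: it contrasts the string-built first argument to `.query` that the detector looks for with the parameterized form, and goes one step further to dynamic ORDER BY input, which cannot be bound as a parameter. `RecordingPool` is a hypothetical stand-in for pg's `Pool` that records the call instead of connecting; the `users` table, the function names and the sample input are assumptions.

```typescript
// Added example. RecordingPool is a hypothetical stand-in for pg's Pool: it
// mirrors the query(text, values) call shape but only records what would be
// sent to the server, so the snippet runs without a database.
type Sent = { text: string; values: unknown[] };

class RecordingPool {
  sent: Sent[] = [];
  async query(text: string, values: unknown[] = []): Promise<Sent> {
    const call: Sent = { text, values };
    this.sent.push(call); // recorded synchronously, before the promise resolves
    return call;
  }
}

const pool = new RecordingPool();

// Flagged pattern: request data concatenated into the first argument of
// .query, so the input becomes part of the SQL text itself.
function findUserVulnerable(name: string): Promise<Sent> {
  return pool.query("SELECT id, name FROM users WHERE name = '" + name + "'");
}

// Parameterized form: the SQL text is constant and the input travels
// separately in the values array, bound to $1.
function findUserSafe(name: string): Promise<Sent> {
  return pool.query('SELECT id, name FROM users WHERE name = $1', [name]);
}

// Identifiers such as column names cannot be bound as $n parameters, so a
// caller-chosen sort column is mapped through a fixed allow-list instead.
const SORTABLE: Record<string, string> = { id: 'id', name: 'name' };

function listUsersSorted(sortBy: string, limit: number): Promise<Sent> {
  const known = Object.prototype.hasOwnProperty.call(SORTABLE, sortBy);
  const column = known ? SORTABLE[sortBy] : 'id'; // unknown input falls back
  return pool.query(`SELECT id, name FROM users ORDER BY ${column} LIMIT $1`, [limit]);
}

// Constructed sample input, as it might arrive through a @Query() parameter.
const sample = "x' OR '1'='1";

void findUserVulnerable(sample);
void findUserSafe(sample);
void listUsersSorted('name; --', 10);
console.log(pool.sent);
```

In the recorded output, only the first call's `text` changes with the input; the other two keep a fixed statement shape regardless of what the caller supplies.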