FLAT-66H1W – Vulnerability

SQL injection - Code In @veramo/data-store

Description

Veramo is Vulnerable to SQL Injection in Veramo Data Store ORM

Summary

An SQL injection vulnerability exists in the @veramo/data-store package that allows any authenticated user to execute arbitrary SQL queries against the database. The vulnerability is caused by insufficient validation of the column parameter in the order array of query requests.

Details

packages/data-store/src/data-store-orm.ts (lines 416-434)

The vulnerability exists in the decorateQB() function which processes query ordering parameters:

function decorateQB(
  qb: SelectQueryBuilder<any>,
  tableName: string,
  input: FindArgs<any>,
): SelectQueryBuilder<any> {
  if (input?.skip) qb = qb.offset(input.skip)
  if (input?.take) qb = qb.limit(input.take)
  if (input?.order) {...

Root Cause:

The item.column value from user input is passed directly as the alias parameter to addSelect() without any sanitization or validation

While TypeScript defines allowed column types (e.g., TCredentialColumns = 'context' | 'type' | ...), this is only compile-time checking

At runtime, the function accepts FindArgs<any>, allowing arbitrary strings to bypass type restrictions

TypeORM inserts the alias directly into the SQL query, enabling SQL injection

Affected Endpoints:

All endpoints are located in packages/data-store/src/data-store-orm.ts:

Endpoint	Method	Line
`dataStoreORMGetIdentifiers`	identifiersQuery()	85-98
`dataStoreORMGetMessages`	messagesQuery()	129-153
`dataStoreORMGetVerifiableCredentialsByClaims`	claimsQuery()	168-198
`dataStoreORMGetVerifiableCredentials`	credentialsQuery()	227-252
`dataStoreORMGetVerifiablePresentations`	presentationsQuery()	275-297

All these methods call decorateQB() which processes the vulnerable order parameter.

PoC

Prerequisites:

A running Veramo agent with the REST API exposed (e.g., via @veramo/remote-server)

Valid authentication credentials (Bearer token)

The agent uses @veramo/data-store with a SQLite or compatible database

Example Exploit to Extract Private Keys From DB:

POST /agent/dataStoreORMGetVerifiableCredentialsByClaims HTTP/1.1
Host: localhost:3332
Content-Length: 811
Authorization: Bearer test123
Content-Type: application/json

{ "where":[
      "value": [...

similar exploit could be used against the other affected endpoints

Impact

Attack capabilities:

Complete database read access

Reading or write files into fs depending on dbms used

Database-specific escalation paths

Dos through timebased or multiple long running queries

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
npm	@veramo/data-store	>=0 <6.0.2	6.0.2

Aliases

1. GHSA-38cw-85xc-xr9x

References

1. https://github.com/decentralized-identity/veramo/security/advisories/GHSA-38cw-85xc-xr9x2. https://github.com/decentralized-identity/veramo/pull/14823. https://github.com/decentralized-identity/veramo/commit/067e39dd76f11ee2d25b99c8361d4f02a4223e3b4. https://github.com/decentralized-identity/veramo/releases/tag/v6.0.2

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.