Perceptive Security
SOC/SIEM Consultancy

Drizzle is a modern TypeScript ORM. Prior to 0.45.2 and 1.0.0-beta.20, Drizzle ORM improperly escaped quoted SQL identifiers in its dialect-specific escapeName(…
Published:
6 April 2026 at 22:00:00
Alert date:
7 April 2026 at 21:03:21
Source:
nvd.nist.gov
Database & Storage, Web Technologies, Supply Chain & Dependencies
Drizzle ORM, a modern TypeScript ORM, contains a SQL injection vulnerability in versions prior to 0.45.2 and 1.0.0-beta.20. The vulnerability stems from improper escaping of quoted SQL identifiers in the dialect-specific escapeName() implementations. An attacker can exploit it by passing malicious input to APIs that construct SQL identifiers or aliases, such as sql.identifier() and .as(): the flaw lets the input terminate the quoted identifier and inject arbitrary SQL after it. Only applications that build SQL identifiers or aliases from attacker-controlled input are affected. The vulnerability has been patched in versions 0.45.2 and 1.0.0-beta.20.
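As an added example (not Drizzle ORM's own code and not its patched escapeName()), the following TypeScript shows the two controls that address this bug class: a standard-conformant identifier escaper that doubles embedded quote characters so a name can never close its own quotes, a check that flags a quoted identifier containing an unpaired quote, and an allowlist gate for identifiers derived from request input. The dialect names, helper names and the sample column list are assumptions.

```typescript
// Added example, not Drizzle ORM code. Quote style per dialect (assumed set):
// PostgreSQL and SQLite quote identifiers with "...", MySQL with `...`.
type Dialect = "postgres" | "sqlite" | "mysql";

const QUOTE: Record<Dialect, string> = { postgres: '"', sqlite: '"', mysql: "`" };

// SQL-standard escaping: every quote character inside the identifier is doubled,
// so the only way to end the identifier is the closing quote we append ourselves.
function escapeIdentifier(name: string, dialect: Dialect): string {
  const q = QUOTE[dialect];
  return q + name.split(q).join(q + q) + q;
}

// Defensive check for generated SQL: once the outer quotes are stripped, every run
// of quote characters inside a correctly escaped identifier has even length. An
// odd-length run means a quote was left unescaped and could terminate the name.
function isWellQuoted(quoted: string, dialect: Dialect): boolean {
  const q = QUOTE[dialect];
  if (quoted.length < 2 || !quoted.startsWith(q) || !quoted.endsWith(q)) return false;
  const inner = quoted.slice(1, -1);
  const runs = inner.match(new RegExp(`${q}+`, "g")) ?? [];
  return runs.every((run) => run.length % 2 === 0);
}

// Preferred mitigation: never turn raw request input into an identifier; map it onto
// a fixed set of known column names and reject anything else.
function resolveColumn(requested: string, allowed: readonly string[]): string {
  const hit = allowed.find((column) => column === requested);
  if (hit === undefined) throw new Error(`unknown column: ${requested}`);
  return hit;
}

// Constructed usage: an ORDER BY clause driven by a query parameter, with the
// allowlist applied before the (now redundant, but still correct) escaping.
function orderByClause(param: string, dialect: Dialect, allowed: readonly string[]): string {
  return "ORDER BY " + escapeIdentifier(resolveColumn(param, allowed), dialect);
}
```

isWellQuoted() is the kind of assertion a test suite can run over the SQL an ORM emits for identifiers containing quote characters, which is how a regression of this class is caught before deployment.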
Technical details
Mitigation steps: update Drizzle ORM to the patched versions, 0.45.2 or 1.0.0-beta.20; until then, do not pass attacker-controlled input to identifier- or alias-building APIs such as sql.identifier() and .as().
Affected products:
Drizzle ORM
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-39356
https://github.com/drizzle-team/drizzle-orm/security/advisories/GHSA-gpj5-g38j-94v9
This article was created with the assistance of AI technology by Perceptive.
