Description
Mongoose Vulnerable to Prototype Pollution in Schema Object
Description
Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment.
Affected versions of this package are vulnerable to Prototype Pollution. The Schema.path() function is vulnerable to prototype pollution when setting the schema object. This vulnerability allows modification of the Object prototype and could be leveraged for a Denial of Service (DoS) attack.
Proof of Concept
Impact
This vulnerability can be leveraged for other types of attacks, such as Denial of Service (DoS), Remote Code Execution, or Property Injection.
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-24304
- https://github.com/Automattic/mongoose/issues/12085
- https://github.com/Automattic/mongoose/commit/6a197316564742c0422309e1b5fecfa4faec126e
- https://github.com/Automattic/mongoose/commit/a45cfb6b0ce0067ae9794cfa80f7917e1fb3c6f8
- https://github.com/Automattic/mongoose/blob/51e758541763b6f14569744ced15cc23ab8b50c6/lib/schema.js#L88-L141
- https://huntr.dev/bounties/055be524-9296-4b2f-b68d-6d5b810d1ddd
Packages
mongoose: affected versions >= 6.0.0, < 6.4.6; patched version 6.4.6
mongoose: affected versions < 5.13.15; patched version 5.13.15
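To check whether a project resolves an affected mongoose release, the following added example (not code from the advisory or the Mongoose project) scans a parsed package-lock.json for the version ranges listed above, including nested copies pulled in by other dependencies. The function names and the sample lockfile are constructed, and pre-release suffixes are ignored as a simplifying assumption.

```javascript
// Added illustration, not advisory or Mongoose code; names and sample data are constructed.

// Parse "major.minor.patch"; pre-release/build suffixes are ignored (assumption).
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

// Ranges from the advisory: < 5.13.15, and >= 6.0.0, < 6.4.6.
function isAffected(version) {
  const v = parseVersion(version);
  if (!v) return null; // unparseable (git URL, tag): needs manual review
  if (cmp(v, [5, 13, 15]) < 0) return true;
  return cmp(v, [6, 0, 0]) >= 0 && cmp(v, [6, 4, 6]) < 0;
}

// Collect every installed mongoose copy, including nested ones.
// Handles lockfileVersion 2/3 ("packages") and 1 (nested "dependencies").
function findMongoose(lock) {
  const hits = [];
  const add = (path, version) => hits.push({ path, version, affected: isAffected(version) });
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === 'node_modules/mongoose' || path.endsWith('/node_modules/mongoose')) {
      add(path, meta.version);
    }
  }
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === 'mongoose') add(path, meta.version);
      walk(meta.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');
  return hits;
}

// Constructed sample lockfile (v3 layout): one top-level and one nested copy.
const sampleLock = { lockfileVersion: 3, packages: {
  'node_modules/mongoose': { version: '6.4.6' },
  'node_modules/legacy-plugin/node_modules/mongoose': { version: '5.13.14' },
} };
console.log(findMongoose(sampleLock));
```

A result with `affected: null` means the lockfile entry is not a plain version string and should be reviewed by hand.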
Related vulnerabilities
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2564. Reason: This candidate is a duplicate of CVE-2022-2564. Notes: All CVE users should reference CVE-2022-2564 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage