CVE-2021-23518

Опубликовано: 21 янв. 2022

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as {} instead of Object.create(null) in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative path. When using the origin path as proto, the attribute of the object is accessed instead of a path. Note: This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-CACHEDPATHRELATIVE-72573

Ссылки

https://github.com/ashaffer/cached-path-relative/commit/40c73bf70c58add5aec7d11e4f36b93d144bb760
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00006.html
Mailing List
Third Party Advisory
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2348246
Exploit
Issue Tracking
Patch
Third Party Advisory
https://snyk.io/vuln/SNYK-JS-CACHEDPATHRELATIVE-2342653
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/ashaffer/cached-path-relative/commit/40c73bf70c58add5aec7d11e4f36b93d144bb760
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00006.html
Mailing List
Third Party Advisory
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2348246
Exploit
Issue Tracking
Patch
Third Party Advisory
https://snyk.io/vuln/SNYK-JS-CACHEDPATHRELATIVE-2342653
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cached-path-relative_project:cached-path-relative:*:*:*:*:*:node.js:*:*

Версия до 1.1.0 (исключая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00648

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-1321

Связанные уязвимости

CVE-2021-23518

CVSS3: 7.3

ubuntu

около 4 лет назад

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as {} instead of Object.create(null) in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative path. When using the origin path as __proto__, the attribute of the object is accessed instead of a path. **Note:** This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-CACHEDPATHRELATIVE-72573

CVE-2021-23518

CVSS3: 8.6

redhat

около 4 лет назад

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as {} instead of Object.create(null) in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative path. When using the origin path as __proto__, the attribute of the object is accessed instead of a path. **Note:** This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-CACHEDPATHRELATIVE-72573

CVE-2021-23518

CVSS3: 7.3

debian

около 4 лет назад

The package cached-path-relative before 1.1.0 are vulnerable to Protot ...

GHSA-wg6g-ppvx-927h

CVSS3: 7.3

github

около 4 лет назад

Prototype Pollution in cached-path-relative

EPSS

Процентиль: 70%

0.00648

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-1321