CVE-2022-37614

Опубликовано: 12 окт. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js.

Ссылки

https://github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js#L119
Third Party Advisory
https://github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js#L62
Exploit
Third Party Advisory
https://github.com/mfncooper/mockery/issues/77
Issue Tracking
Third Party Advisory
https://github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js#L119
Third Party Advisory
https://github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js#L62
Exploit
Third Party Advisory
https://github.com/mfncooper/mockery/issues/77
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mockery_project:mockery:2.1.0:*:*:*:*:node.js:*:*

EPSS

Процентиль: 40%

0.00184

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-1321

Связанные уязвимости

GHSA-gmwp-3pwc-3j3g