Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg1cjYteDgyMy05ODQ4

Arbitrary Code Execution in json-ptr

npm json-ptr before 2.1.0 has an arbitrary code execution vulnerability. The issue occurs in the set operation when the force flag is set to true. The function recursively sets the property in the target object, but it does not properly check the key being set, leading to prototype pollution.
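The advisory describes a recursive set that creates intermediate objects without validating the key at each step. The following is an added example, not json-ptr's own code, of an RFC 6901 style set that rejects the reserved segments before traversing; the helper names parsePointer, safeSet and isPolluted are assumptions of this example.

```javascript
// Added example (not json-ptr's code): a JSON Pointer "set" that validates
// every path segment before it touches the target object.
const FORBIDDEN = new Set(["__proto__", "constructor", "prototype"]);

// Decode an RFC 6901 pointer such as "/a/b~1c" into ["a", "b/c"].
function parsePointer(pointer) {
  if (pointer === "") return [];
  if (pointer[0] !== "/") throw new Error("pointer must start with '/'");
  return pointer
    .slice(1)
    .split("/")
    .map((seg) => seg.replace(/~1/g, "/").replace(/~0/g, "~"));
}

// Walk `target`, creating intermediate objects only when `force` is true,
// and assign `value` at the last segment. Reserved segments are refused
// up front, so the walk can never reach Object.prototype.
function safeSet(target, pointer, value, force = false) {
  const segments = parsePointer(pointer);
  if (segments.length === 0) throw new Error("cannot replace the root");
  for (const seg of segments) {
    if (FORBIDDEN.has(seg)) {
      throw new Error(`refusing to traverse reserved segment "${seg}"`);
    }
  }
  let cursor = target;
  for (let i = 0; i < segments.length - 1; i++) {
    const seg = segments[i];
    // Only own properties count; inherited ones are never followed.
    if (!Object.prototype.hasOwnProperty.call(cursor, seg)) {
      if (!force) throw new Error(`missing path segment "${seg}"`);
      cursor[seg] = {};
    }
    cursor = cursor[seg];
    if (cursor === null || typeof cursor !== "object") {
      throw new Error(`segment "${seg}" is not a container`);
    }
  }
  cursor[segments[segments.length - 1]] = value;
  return target;
}

// True if Object.prototype gained an own property named `name`, which is
// the observable symptom of a successful pollution.
function isPolluted(name) {
  return Object.prototype.hasOwnProperty.call(Object.prototype, name);
}
```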

Permalink: https://github.com/advisories/GHSA-x5r6-x823-9848
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg1cjYteDgyMy05ODQ4
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 3 years ago
Updated: 8 months ago


CVSS Score: 7.3
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Identifiers: GHSA-x5r6-x823-9848, CVE-2020-7766
References: Repository: https://github.com/418sec/json-ptr
Blast Radius: 29.8

Affected Packages

npm:json-ptr
Dependent packages: 96
Dependent repositories: 12,014
Downloads: 2,177,946 last month
Affected Version Ranges: < 2.1.0
Fixed in: 2.1.0
All affected versions: 0.1.0, 0.1.1, 0.2.0, 0.3.0, 0.3.1, 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.1.2, 1.2.0, 1.3.0, 1.3.1, 1.3.2, 2.0.0
All unaffected versions: 2.1.0, 2.1.1, 2.1.2, 2.2.0, 3.0.0, 3.0.1, 3.1.0, 3.1.1