Lucene search

Veracode Vulnerability DatabaseVERACODE:44378

HistoryNov 27, 2023 - 6:17 a.m.

Prototype Pollution

2023-11-2706:17:55

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

vulnerability

sequelize-typescript

deepassign function

prototype pollution

attacker

software

exploitation

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

AI Score

Confidence

Low

EPSS

Percentile

15.5%

JSON

sequelize-typescript is vulnerable to Prototype Pollution. The vulnerability is due to the deepAssign function which does not check if the attribute resolves to the object prototype and hence it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be exploited by an attacker via replacing malicious attributes with the existing once.

References

github.com/robinbuschmann/sequelize-typescript/commit/5ce8afdd1671b08c774ce106b000605ba8fccf78

github.com/sequelize/sequelize-typescript/commit/5ce8afdd1671b08c774ce106b000605ba8fccf78

huntr.com/bounties/36a7ecbf-4d3d-462e-86a3-cda7b1ec64e2

huntr.com/bounties/36a7ecbf-4d3d-462e-86a3-cda7b1ec64e2/

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

AI Score

Confidence

Low

EPSS

Percentile

15.5%

JSON

Related for VERACODE:44378