PT-2021-15529 · Jointjs · Jointjs

Alessio Della Libera

Published

2021-09-21

Updated

2021-10-02

CVE-2021-23444

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions jointjs versions prior to 3.4.2

Description A type confusion issue can lead to a bypass when user-provided keys used in the path parameter are arrays in the setByPath function.

Recommendations For versions prior to 3.4.2, update to version 3.4.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the setByPath function with array values in the path parameter until a patch is available.

Exploit

Fix

Type Confusion

Prototype Pollution

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843CWE-1321

Related Identifiers

CVE-2021-23444

GHSA-F3PP-32QC-36W4

SNYK-JAVA-ORGWEBJARSBOWER-1655817

SNYK-JAVA-ORGWEBJARSNPM-1655816

SNYK-JS-JOINTJS-1579578

Affected Products

Jointjs

PT-2021-15529 · Jointjs · Jointjs

CVE-2021-23444

Weakness Enumeration

Related Identifiers

Affected Products

References · 11