PT-2022-28063 · Unknown · Json-Pointer
Hhomar
+1
·
Published
2022-12-26
·
Updated
2024-05-17
·
CVE-2022-4742
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
json-pointer versions up to 0.6.1
Description
A critical issue has been found in the function set of the file index.js, leading to improperly controlled modification of object prototype attributes, also known as 'prototype pollution'. This issue can be exploited remotely.
Recommendations
For json-pointer versions up to 0.6.1, upgrade to version 0.6.2 to address this issue. As a temporary workaround, consider restricting access to the function set of the file index.js until the upgrade is applied.
Fix
Prototype Pollution
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Json-Pointer