Common Weakness Enumeration

CWE-1321

Allowed

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Abstraction: Variant · Status: Incomplete

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

780 vulnerabilities reference this CWE, most recent first.

GHSA-JXVF-M3X5-MXWQ

Vulnerability from github – Published: 2022-07-19 14:28 – Updated: 2022-08-10 23:53
VLAI
Summary
Properties-Reader before v2.2.0 vulnerable to prototype pollution
Details

Properties-Reader prior to version 2.2.0 is vulnerable to prototype pollution. Version 2.2.0 contains a patch for this issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "properties-reader"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-28471"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-07-19T14:28:59Z",
    "nvd_published_at": "2022-07-25T14:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Properties-Reader prior to version 2.2.0 is vulnerable to prototype pollution. Version 2.2.0 contains a patch for this issue.",
  "id": "GHSA-jxvf-m3x5-mxwq",
  "modified": "2022-08-10T23:53:55Z",
  "published": "2022-07-19T14:28:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28471"
    },
    {
      "type": "WEB",
      "url": "https://github.com/steveukx/properties/issues/40"
    },
    {
      "type": "WEB",
      "url": "https://github.com/steveukx/properties/commit/0877cc871db9865f58dd9389ce99e61be05380a5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/steveukx/properties/commit/4e4bc392ecfd0a128f48c1d69f64a0d7194fcaab"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/steveukx/properties"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-JS-PROPERTIESREADER-1048968"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Properties-Reader before v2.2.0 vulnerable to prototype pollution"
}

GHSA-JXXP-MQWV-8HQG

Vulnerability from github – Published: 2024-07-01 15:32 – Updated: 2024-07-03 18:47
VLAI
Details

adolph_dudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39853"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-01T13:15:06Z",
    "severity": "MODERATE"
  },
  "details": "adolph_dudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.",
  "id": "GHSA-jxxp-mqwv-8hqg",
  "modified": "2024-07-03T18:47:40Z",
  "published": "2024-07-01T15:32:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39853"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/mestrtee/840f5d160aab4151bd0451cfb822e6b5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M272-9RP6-32MC

Vulnerability from github – Published: 2026-03-02 21:43 – Updated: 2026-03-06 15:16
VLAI
Summary
`@orpc/client` has Prototype Pollution via `StandardRPCJsonSerializer` Deserialization
Details

Summary

A critical Prototype Pollution vulnerability exists in the RPC JSON deserializer of the @orpc/client package. The vulnerability allows unauthenticated, remote attackers to inject arbitrary properties into the global Object.prototype. Because this pollution persists for the lifetime of the Node.js process and affects all objects, it can lead to severe security breaches, including authentication bypass, denial of service, and potentially Remote Code Execution.

Vulnerability Details

The root cause lies in the deserialize() method of StandardRPCJsonSerializer. When processing attacker-controlled path segments from the meta and maps arrays, the deserializer fails to implement validation or sanitization for dangerous JavaScript object keys, specifically __proto__ and constructor:

https://github.com/middleapi/orpc/blob/819ed2e0897b18a5d6a4ca85ba68568f055004a1/packages/client/src/adapters/standard/rpc-json-serializer.ts#L137-L213

There are two primary distinct write vectors available to an attacker:

  1. The meta vector: Writes type-constrained values (e.g., Map, Set, Date) to arbitrary object paths.
  2. The maps vector: Allows the injection of arbitrary string values. This occurs because the return value of getBlob(i) (which relies on FormData.get(i.toString())) is cast as Blob. Since this is strictly a TypeScript compile-time cast, the runtime execution allows standard text fields to return as arbitrary strings.

Crucially, this deserialization process occurs at the very beginning of the request lifecycle before any Zod schema validation takes place. Consequently, a malicious payload will successfully pollute the prototype even if the request is subsequently rejected by the validation layer.

This issue impacts all server adapters utilizing the RPC protocol.

Proof of Concept

To reproduce the vulnerability, set up the playgrounds/astro environment and start the development server using pnpm dev.

Run the following curl command to send a crafted payload:

curl -X POST http://localhost:4321/rpc/planet/create \
     -F 'data={"json":{},"meta":[],"maps":[["__proto__","role"]]}' \
     -F '0=admin'

Result: The deserializer evaluates maps, follows the __proto__ path, and maps index 0 to the string "admin". This immediately applies Object.prototype.role = "admin" across the entire Node.js server instance.

Impact

Servers relying on StandardRPCJsonSerializer for deserialization are immediately susceptible to global prototype pollution. The potential impacts including:

  • Privilege Escalation / Authorization Bypass: Attackers can bypass flawed security checks. For example, if the server relies on a defaulted property check like if (user.role === "admin"), the application will evaluate this as true for all users globally.
  • Remote Code Execution: If the application or its dependencies contain susceptible prototype pollution gadgets (e.g., dynamically executing shell commands or scripts based on object properties), this vulnerability can be leveraged into full RCE.
  • Denial of Service: Attackers can overwrite built-in methods (e.g., toString) or set objects into unexpected states, causing the application to crash or throw unhandled exceptions globally.
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.13.5"
      },
      "package": {
        "ecosystem": "npm",
        "name": "@orpc/client"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.13.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-28794"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-02T21:43:00Z",
    "nvd_published_at": "2026-03-06T05:16:40Z",
    "severity": "CRITICAL"
  },
  "details": "### Summary\nA critical Prototype Pollution vulnerability exists in the RPC JSON deserializer of the `@orpc/client` package. The vulnerability allows unauthenticated, remote attackers to inject arbitrary properties into the global `Object.prototype`. Because this pollution persists for the lifetime of the Node.js process and affects all objects, it can lead to severe security breaches, including authentication bypass, denial of service, and potentially Remote Code Execution.\n\n### Vulnerability Details\nThe root cause lies in the `deserialize()` method of `StandardRPCJsonSerializer`. When processing attacker-controlled path segments from the `meta` and `maps` arrays, the deserializer fails to implement validation or sanitization for dangerous JavaScript object keys, specifically `__proto__` and `constructor`:\n\nhttps://github.com/middleapi/orpc/blob/819ed2e0897b18a5d6a4ca85ba68568f055004a1/packages/client/src/adapters/standard/rpc-json-serializer.ts#L137-L213\n\nThere are two primary distinct write vectors available to an attacker:\n\n1. The `meta` vector: Writes type-constrained values (e.g., `Map`, `Set`, `Date`) to arbitrary object paths.\n2. The `maps` vector: Allows the injection of arbitrary string values. This occurs because the return value of `getBlob(i)` (which relies on `FormData.get(i.toString())`) is cast `as Blob`. Since this is strictly a TypeScript compile-time cast, the runtime execution allows standard text fields to return as arbitrary strings.\n\nCrucially, this deserialization process occurs at the very beginning of the request lifecycle before any Zod schema validation takes place. Consequently, a malicious payload will successfully pollute the prototype even if the request is subsequently rejected by the validation layer.\n\nThis issue impacts all server adapters utilizing the RPC protocol.\n\n### Proof of Concept\nTo reproduce the vulnerability, set up the [playgrounds/astro](https://github.com/middleapi/orpc/tree/main/playgrounds/astro) environment and start the development server using `pnpm dev`. \n\nRun the following `curl` command to send a crafted payload:\n\n```bash\ncurl -X POST http://localhost:4321/rpc/planet/create \\\n     -F \u0027data={\"json\":{},\"meta\":[],\"maps\":[[\"__proto__\",\"role\"]]}\u0027 \\\n     -F \u00270=admin\u0027\n```\n\nResult: The deserializer evaluates `maps`, follows the `__proto__` path, and maps index `0` to the string `\"admin\"`. This immediately applies `Object.prototype.role = \"admin\"` across the entire Node.js server instance. \n\n### Impact\nServers relying on `StandardRPCJsonSerializer` for deserialization are immediately susceptible to global prototype pollution. The potential impacts including:\n\n- Privilege Escalation / Authorization Bypass: Attackers can bypass flawed security checks. For example, if the server relies on a defaulted property check like `if (user.role === \"admin\")`, the application will evaluate this as `true` for all users globally.\n- Remote Code Execution: If the application or its dependencies contain susceptible prototype pollution gadgets (e.g., dynamically executing shell commands or scripts based on object properties), this vulnerability can be leveraged into full RCE.\n- Denial of Service: Attackers can overwrite built-in methods (e.g., `toString`) or set objects into unexpected states, causing the application to crash or throw unhandled exceptions globally.",
  "id": "GHSA-m272-9rp6-32mc",
  "modified": "2026-03-06T15:16:22Z",
  "published": "2026-03-02T21:43:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/middleapi/orpc/security/advisories/GHSA-m272-9rp6-32mc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28794"
    },
    {
      "type": "WEB",
      "url": "https://github.com/middleapi/orpc/commit/1dba06fc6f938c2486de303c2fa096bc1c8418b5"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/middleapi/orpc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "`@orpc/client` has Prototype Pollution via `StandardRPCJsonSerializer` Deserialization"
}

GHSA-M2HG-WJQ3-28WQ

Vulnerability from github – Published: 2026-05-18 13:28 – Updated: 2026-06-09 10:28
VLAI
Summary
form-data-objectizer: Prototype pollution in form-data-objectizer via bracket-notation form keys
Details

Summary

form-data-objectizer walks bracket-notation form keys (e.g. name[sub]) into nested objects without filtering __proto__, constructor, or prototype. A single HTTP form field whose name starts with __proto__[...] causes the library to mutate Object.prototype, which is a prototype pollution primitive of the entire Node.js process.

The bug is in treatInitial and treatSecond inside index.cjs:

if (inputName in result) {           // 'in' walks the prototype chain, so '__proto__' matches
  newResult = result[inputName]      // newResult === Object.prototype
}
// ...
result[key] = value                  // sets the property on Object.prototype

With the form key __proto__[polluted] and value yes:

  1. treatInitial matches inputName = "__proto__", rest = "[polluted]".
  2. "__proto__" in result is true (inherited), so newResult = result["__proto__"], which is Object.prototype.
  3. treatSecond recurses with key = "polluted", newRest = "", and assigns Object.prototype.polluted = "yes".

Affected versions

  • form-data-objectizer <= 1.0.0 (currently the only published version)

Patched

Not yet. Suggested fix: reject any segment equal to __proto__, constructor, or prototype before walking into result[inputName] / result[key]. Either throw or skip the entry.

Minimum patch in treatInitial and treatSecond:

const REJECT = new Set(['__proto__', 'constructor', 'prototype']);
if (REJECT.has(inputName) || REJECT.has(key)) {
  return; // or throw
}

Using Object.create(null) for the result object would also work since it has no prototype to pollute, but the key === '__proto__' direct write still needs guarding.

Proof of concept

Fresh install on Node 18+:

mkdir pp-fdo && cd pp-fdo
npm init -y
npm install form-data-objectizer@1.0.0
// poc.js
const FormDataToObject = require('form-data-objectizer');

const form = new FormData();
form.append('username', 'alice');
form.append('__proto__[polluted]', 'yes');

FormDataToObject.toObject(form);
console.log(({}).polluted); // -> 'yes'

Observed output:

package version: 1.0.0
before pollution: undefined
after pollution:  yes
parsed data:     { username: 'alice' }
confirmed:       YES, prototype polluted

The field name __proto__[polluted] is the kind of value an attacker can submit from any HTML form or HTTP client. After the call, every plain object in the process inherits polluted = 'yes'. The visible parsed output drops the malicious key, so the attack leaves no obvious trace in request logs that show parsed bodies.

A second working payload is constructor[prototype][polluted]=yes, which walks result.constructor then .prototype.

Impact

  • Default-reachable prototype pollution via a single unauthenticated HTTP form submission, in any Node.js application that uses form-data-objectizer.toObject() on incoming form data.
  • Persists for the life of the worker process and affects every subsequent request handled by the same process.
  • Direct downstream consequences depend on the host application and the rest of its dependency tree, but typical risks include: bypassing if (obj.isAdmin) style checks, injecting unintended config values into objects merged with user input, breaking template rendering, and crashing the worker by polluting properties used by other libraries (DoS).

CVSS

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L (8.2, High)

Integrity is High because the primitive lets the attacker change the meaning of property reads on every object in the process. Confidentiality is None and Availability is Low without a named downstream gadget; both could be higher in a specific consuming app.

Credit

Reported by Mohamed Bassia (@0xBassia).

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.0.0"
      },
      "package": {
        "ecosystem": "npm",
        "name": "form-data-objectizer"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46510"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-18T13:28:31Z",
    "nvd_published_at": "2026-05-29T14:16:31Z",
    "severity": "HIGH"
  },
  "details": "## Summary\n\n`form-data-objectizer` walks bracket-notation form keys (e.g. `name[sub]`) into nested objects without filtering `__proto__`, `constructor`, or `prototype`. A single HTTP form field whose name starts with `__proto__[...]` causes the library to mutate `Object.prototype`, which is a prototype pollution primitive of the entire Node.js process.\n\nThe bug is in `treatInitial` and `treatSecond` inside `index.cjs`:\n\n```js\nif (inputName in result) {           // \u0027in\u0027 walks the prototype chain, so \u0027__proto__\u0027 matches\n  newResult = result[inputName]      // newResult === Object.prototype\n}\n// ...\nresult[key] = value                  // sets the property on Object.prototype\n```\n\nWith the form key `__proto__[polluted]` and value `yes`:\n\n1. `treatInitial` matches `inputName = \"__proto__\"`, `rest = \"[polluted]\"`.\n2. `\"__proto__\" in result` is true (inherited), so `newResult = result[\"__proto__\"]`, which is `Object.prototype`.\n3. `treatSecond` recurses with `key = \"polluted\"`, `newRest = \"\"`, and assigns `Object.prototype.polluted = \"yes\"`.\n\n## Affected versions\n\n- `form-data-objectizer` `\u003c= 1.0.0` (currently the only published version)\n\n## Patched\n\nNot yet. Suggested fix: reject any segment equal to `__proto__`, `constructor`, or `prototype` before walking into `result[inputName]` / `result[key]`. Either throw or skip the entry.\n\nMinimum patch in `treatInitial` and `treatSecond`:\n\n```js\nconst REJECT = new Set([\u0027__proto__\u0027, \u0027constructor\u0027, \u0027prototype\u0027]);\nif (REJECT.has(inputName) || REJECT.has(key)) {\n  return; // or throw\n}\n```\n\nUsing `Object.create(null)` for the `result` object would also work since it has no prototype to pollute, but the `key === \u0027__proto__\u0027` direct write still needs guarding.\n\n## Proof of concept\n\nFresh install on Node 18+:\n\n```sh\nmkdir pp-fdo \u0026\u0026 cd pp-fdo\nnpm init -y\nnpm install form-data-objectizer@1.0.0\n```\n\n```js\n// poc.js\nconst FormDataToObject = require(\u0027form-data-objectizer\u0027);\n\nconst form = new FormData();\nform.append(\u0027username\u0027, \u0027alice\u0027);\nform.append(\u0027__proto__[polluted]\u0027, \u0027yes\u0027);\n\nFormDataToObject.toObject(form);\nconsole.log(({}).polluted); // -\u003e \u0027yes\u0027\n```\n\nObserved output:\n\n```\npackage version: 1.0.0\nbefore pollution: undefined\nafter pollution:  yes\nparsed data:     { username: \u0027alice\u0027 }\nconfirmed:       YES, prototype polluted\n```\n\nThe field name `__proto__[polluted]` is the kind of value an attacker can submit from any HTML form or HTTP client. After the call, every plain object in the process inherits `polluted = \u0027yes\u0027`. The visible parsed output drops the malicious key, so the attack leaves no obvious trace in request logs that show parsed bodies.\n\nA second working payload is `constructor[prototype][polluted]=yes`, which walks `result.constructor` then `.prototype`.\n\n## Impact\n\n- Default-reachable prototype pollution via a single unauthenticated HTTP form submission, in any Node.js application that uses `form-data-objectizer.toObject()` on incoming form data.\n- Persists for the life of the worker process and affects every subsequent request handled by the same process.\n- Direct downstream consequences depend on the host application and the rest of its dependency tree, but typical risks include: bypassing `if (obj.isAdmin)` style checks, injecting unintended config values into objects merged with user input, breaking template rendering, and crashing the worker by polluting properties used by other libraries (DoS).\n\n## CVSS\n\n`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L` (8.2, High)\n\nIntegrity is High because the primitive lets the attacker change the meaning of property reads on every object in the process. Confidentiality is None and Availability is Low without a named downstream gadget; both could be higher in a specific consuming app.\n\n## Credit\n\nReported by Mohamed Bassia (@0xBassia).",
  "id": "GHSA-m2hg-wjq3-28wq",
  "modified": "2026-06-09T10:28:03Z",
  "published": "2026-05-18T13:28:31Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/kaspernj/form-data-objectizer/security/advisories/GHSA-m2hg-wjq3-28wq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46510"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kaspernj/form-data-objectizer/commit/7c54b99408e6e9cd6533b7245bf197dadc2a2dbc"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kaspernj/form-data-objectizer"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "form-data-objectizer: Prototype pollution in form-data-objectizer via bracket-notation form keys"
}

GHSA-M2RR-82CC-GH7R

Vulnerability from github – Published: 2025-02-06 06:31 – Updated: 2025-02-06 18:31
VLAI
Details

A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-57065"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-05T22:15:30Z",
    "severity": "HIGH"
  },
  "details": "A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.",
  "id": "GHSA-m2rr-82cc-gh7r",
  "modified": "2025-02-06T18:31:05Z",
  "published": "2025-02-06T06:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57065"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/tariqhawis/7b2c50ccdec39a030091e48a4ccde688"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M3R7-WX5J-GX67

Vulnerability from github – Published: 2024-07-01 15:32 – Updated: 2024-07-03 18:47
VLAI
Details

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38998"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-01T13:15:05Z",
    "severity": "HIGH"
  },
  "details": "jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.",
  "id": "GHSA-m3r7-wx5j-gx67",
  "modified": "2024-07-03T18:47:30Z",
  "published": "2024-07-01T15:32:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38998"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/mestrtee/9acae342285bd2998fa09ebcb1e6d30a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M428-JQC4-2P5J

Vulnerability from github – Published: 2021-05-06 17:28 – Updated: 2021-05-05 21:46
VLAI
Summary
Prototype Pollution in phpjs
Details

All versions of phpjs up to and including 1.3.2 are vulnerable to Prototype Pollution via parse_str. phpjs is no longer maintained and users are advised to use Locutus as a replacement (https://github.com/locutusjs/locutus)

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "phpjs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-7700"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-05T21:46:10Z",
    "nvd_published_at": "2020-08-14T15:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "All versions of phpjs up to and including 1.3.2 are vulnerable to Prototype Pollution via parse_str. phpjs is no longer maintained and users are advised to use Locutus as a replacement (https://github.com/locutusjs/locutus)",
  "id": "GHSA-m428-jqc4-2p5j",
  "modified": "2021-05-05T21:46:10Z",
  "published": "2021-05-06T17:28:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7700"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-PHPJS-598681"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype Pollution in phpjs"
}

GHSA-M4GQ-X24J-JPMF

Vulnerability from github – Published: 2024-10-22 18:17 – Updated: 2024-10-23 14:24
VLAI
Summary
Prototype pollution vulnerability found in Mermaid's bundled version of DOMPurify
Details

The following bundled files within the Mermaid NPM package contain a bundled version of DOMPurify that is vulnerable to https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674, potentially resulting in an XSS attack.

This affects the built:

  • dist/mermaid.min.js
  • dist/mermaid.js
  • dist/mermaid.esm.mjs
  • dist/mermaid.esm.min.mjs

This will also affect users that use the above files via a CDN link, e.g. https://cdn.jsdelivr.net/npm/mermaid@10.9.2/dist/mermaid.min.js

Users that use the default NPM export of mermaid, e.g. import mermaid from 'mermaid', or the dist/mermaid.core.mjs file, do not use this bundled version of DOMPurify, and can easily update using their package manager with something like npm audit fix.

Patches

  • develop branch: 6c785c93166c151d27d328ddf68a13d9d65adc00
  • backport to v10: 92a07ffe40aab2769dd1c3431b4eb5beac282b34
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 10.9.2"
      },
      "package": {
        "ecosystem": "npm",
        "name": "mermaid"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "10.9.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-1395"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-22T18:17:02Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "The following bundled files within the Mermaid NPM package contain a bundled version of DOMPurify that is vulnerable to https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674, potentially resulting in an XSS attack.\n\nThis affects the built:\n\n- `dist/mermaid.min.js`\n- `dist/mermaid.js`\n- `dist/mermaid.esm.mjs`\n- `dist/mermaid.esm.min.mjs`\n\nThis will also affect users that use the above files via a CDN link, e.g. `https://cdn.jsdelivr.net/npm/mermaid@10.9.2/dist/mermaid.min.js`\n\n**Users that use the default NPM export of `mermaid`, e.g. `import mermaid from \u0027mermaid\u0027`, or the `dist/mermaid.core.mjs` file, do not use this bundled version of DOMPurify, and can easily update using their package manager with something like `npm audit fix`.**\n\n### Patches\n\n- `develop` branch: 6c785c93166c151d27d328ddf68a13d9d65adc00\n- backport to v10: 92a07ffe40aab2769dd1c3431b4eb5beac282b34",
  "id": "GHSA-m4gq-x24j-jpmf",
  "modified": "2024-10-23T14:24:24Z",
  "published": "2024-10-22T18:17:02Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mermaid-js/mermaid/security/advisories/GHSA-m4gq-x24j-jpmf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mermaid-js/mermaid/commit/6c785c93166c151d27d328ddf68a13d9d65adc00"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mermaid-js/mermaid/commit/92a07ffe40aab2769dd1c3431b4eb5beac282b34"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mermaid-js/mermaid"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype pollution vulnerability found in Mermaid\u0027s bundled version of DOMPurify"
}

GHSA-M56H-5XX3-2JC2

Vulnerability from github – Published: 2024-12-18 15:50 – Updated: 2025-01-07 15:12
VLAI
Summary
Prototype pollution in jsii.configureCategories
Details

Summary

jsii is a TypeScript to JavaScript compiler that also extracts an interface definition manifest to generate RPC stubs in various programming languages. jsii is typically used as a command-line tool, but it can also be loaded as a library. When loaded as a library into a larger application, prototype pollution may happen if untrusted user input is passed to the library. When used as a command line-tool, this pollution cannot occur.

Impact

You may be impacted if you have written an application that loads jsii as a library, and passes untrusted user input into the jsii.configureCategories() function. In that case, a user can craft input in such a way that, following the invocation, a field named "category" with a user-controlled value is added to the JavaScript Object prototype. This will cause every object in the program (both new and existing) to have a field named "category", even if it shouldn't.

This will not affect jsii itself, but it might affect the application you have loaded jsii into.

The function jsii.configureCategories() is used to configure the severity (error, warning, etc.) of various jsii diagnostics.

Impacted versions: <=5.7.2, <=5.6.3, <=5.5.14, <=5.4.45

Example:

const jsii = require('jsii');

// prints 'undefined'
console.log(JSON.stringify({}.category))

// calling 'configureCategories' with user input
jsii.configureCategories(JSON.parse('{"__proto__": "user-input"}'))

// from this point onwards, every single object literal in the program
// will contain the 'category' key, with user controlled value
console.log(JSON.stringify({}.category)) // prints 'user-input'


// this can affect the execution of the main program in case it also makes 
// use of an object key called 'category'. for example, if the main programs 
// happens to have code like this:

const x = {} // some object in the main program (not necessarily empty)

if (x.category) {
  // this block will always be executed, effectively 
  // changing the behavior of the main program.
  console.log('Do something')
} else {
  console.log('Do something else')
}

For more information about javascript prototype pollution, see [1].

Patches

A patch is included in versions 5.7.3, 5.6.4, 5.5.15, 5.4.46

Workarounds

Sanitize user input to configureCategories() by stripping the proto property if detected.

References

If you have any questions or comments about this advisory, we ask that you contact AWS/Amazon Security via our issue reporting page [2] or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.

[1] https://learn.snyk.io/lesson/prototype-pollution/

[2] https://aws.amazon.com/security/issue-reporting

Credits

We would like to thank Tariq Hawis for collaborating on this issue through the coordinated vulnerability disclosure process.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "jsii"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.7.0"
            },
            {
              "fixed": "5.7.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "jsii"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.6.0"
            },
            {
              "fixed": "5.6.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "jsii"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.5.0"
            },
            {
              "fixed": "5.5.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "jsii"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.4.0"
            },
            {
              "fixed": "5.4.46"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-12-18T15:50:09Z",
    "nvd_published_at": null,
    "severity": "LOW"
  },
  "details": "## Summary\n\n`jsii` is a TypeScript to JavaScript compiler that also extracts an interface definition manifest to generate RPC stubs in various programming languages. jsii is typically used as a command-line tool, but it can also be loaded as a library.\nWhen loaded as a library into a larger application, prototype pollution may happen if untrusted user input is passed to the library. When used as a command line-tool, this pollution cannot occur.\n\n## Impact\n\nYou may be impacted if you have written an application that loads jsii as a library, and passes untrusted user input into the `jsii.configureCategories()` function. In that case, a user can craft input in such a way that, following the invocation, a field named \"category\" with a user-controlled value is added to the JavaScript Object prototype. This will cause every object in the program (both new and existing) to have a field named \"category\", even if it shouldn\u0027t. \n\n**This will not affect jsii itself, but it might affect the application you have loaded jsii into.**\n\n\u003e The function `jsii.configureCategories()` is used to configure the severity (error, warning, etc.) of various jsii diagnostics.\n\n**Impacted versions: \u003c=5.7.2, \u003c=5.6.3, \u003c=5.5.14, \u003c=5.4.45** \n\n**Example:**\n\n```js\nconst jsii = require(\u0027jsii\u0027);\n\n// prints \u0027undefined\u0027\nconsole.log(JSON.stringify({}.category))\n\n// calling \u0027configureCategories\u0027 with user input\njsii.configureCategories(JSON.parse(\u0027{\"__proto__\": \"user-input\"}\u0027))\n\n// from this point onwards, every single object literal in the program\n// will contain the \u0027category\u0027 key, with user controlled value\nconsole.log(JSON.stringify({}.category)) // prints \u0027user-input\u0027\n\n\n// this can affect the execution of the main program in case it also makes \n// use of an object key called \u0027category\u0027. for example, if the main programs \n// happens to have code like this:\n\nconst x = {} // some object in the main program (not necessarily empty)\n\nif (x.category) {\n  // this block will always be executed, effectively \n  // changing the behavior of the main program.\n  console.log(\u0027Do something\u0027)\n} else {\n  console.log(\u0027Do something else\u0027)\n}\n```\n\nFor more information about javascript prototype pollution, see [1].\n\n## Patches\n\nA patch is included in versions [5.7.3](https://github.com/aws/jsii-compiler/releases/tag/v5.7.3), [5.6.4](https://github.com/aws/jsii-compiler/releases/tag/v5.6.4), [5.5.15](https://github.com/aws/jsii-compiler/releases/tag/v5.5.15), [5.4.46](https://github.com/aws/jsii-compiler/releases/tag/v5.4.46)\n\n## Workarounds\n\nSanitize user input to configureCategories() by stripping the __proto__ property if detected.\n\n## References\n\nIf you have any questions or comments about this advisory, we ask that you contact AWS/Amazon Security via our issue reporting page [2] or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do not create a public GitHub issue.\n\n[1] https://learn.snyk.io/lesson/prototype-pollution/\n\n[2] [https://aws.amazon.com/security/issue-reporting](https://aws.amazon.com/security/vulnerability-reporting)\n\n## Credits\n\nWe would like to thank _Tariq Hawis_ for collaborating on this issue through the coordinated vulnerability disclosure process.",
  "id": "GHSA-m56h-5xx3-2jc2",
  "modified": "2025-01-07T15:12:20Z",
  "published": "2024-12-18T15:50:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/aws/jsii-compiler/security/advisories/GHSA-m56h-5xx3-2jc2"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/aws/jsii-compiler"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/jsii-compiler/releases/tag/v5.4.46"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/jsii-compiler/releases/tag/v5.5.15"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/jsii-compiler/releases/tag/v5.6.4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/jsii-compiler/releases/tag/v5.7.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype pollution in jsii.configureCategories"
}

GHSA-M5XM-MX43-Q65F

Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30
VLAI
Details

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-34626"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-14T17:16:51Z",
    "severity": "MODERATE"
  },
  "details": "Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027) vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-m5xm-mx43-q65f",
  "modified": "2026-04-14T18:30:36Z",
  "published": "2026-04-14T18:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34626"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb26-44.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

By freezing the object prototype first (for example, Object.freeze(Object.prototype)), modification of the prototype becomes impossible.

Mitigation
Architecture and Design

By blocking modifications of attributes that resolve to object prototype, such as proto or prototype, this weakness can be mitigated.

Mitigation
Implementation

Strategy: Input Validation

When handling untrusted objects, validating using a schema can be used.

Mitigation
Implementation

By using an object without prototypes (via Object.create(null) ), adding object prototype attributes by accessing the prototype via the special attributes becomes impossible, mitigating this weakness.

Mitigation
Implementation

Map can be used instead of objects in most cases. If Map methods are used instead of object attributes, it is not possible to access the object prototype or modify it.

CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs

In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.

CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels

An attacker exploits a weakness in the configuration of access controls and is able to bypass the intended protection that these measures guard against and thereby obtain unauthorized access to the system or network. Sensitive functionality should always be protected with access controls. However configuring all but the most trivial access control systems can be very complicated and there are many opportunities for mistakes. If an attacker can learn of incorrectly configured access security settings, they may be able to exploit this in an attack.

CAPEC-77: Manipulating User-Controlled Variables

This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An adversary can override variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the adversary can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.