Description

The dot package v1.1.2 uses Function() to compile templates. This can be exploited by the attacker if they can control the given template or if they can control the value set on Object.prototype.

Remediation

References

https://hackerone.com/reports/390929

Related Vulnerabilities

CVE-2022-45143 Vulnerability in maven package org.apache.tomcat:tomcat-util

CVE-2020-12265 Vulnerability in npm package decompress

CVE-2022-22885 Vulnerability in maven package cn.hutool:hutool-http

CVE-2021-41183 Vulnerability in maven package org.webjars.bowergithub.jquery:jquery-ui

CVE-2021-41561 Vulnerability in maven package org.apache.parquet:parquet

Severity

Critical

Classification

CWE-94 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Mitigation Third Party Advisory