Description

The dot package v1.1.2 uses Function() to compile templates. This can be exploited by the attacker if they can control the given template or if they can control the value set on Object.prototype.

Remediation

References

https://hackerone.com/reports/390929

Related Vulnerabilities

CVE-2020-5397 Vulnerability in maven package org.springframework:spring-webflux

CVE-2021-41248 Vulnerability in npm package graphiql

CVE-2020-26296 Vulnerability in maven package org.webjars.bower:vega

CVE-2022-24999 Vulnerability in npm package qs

CVE-2022-45383 Vulnerability in maven package org.jenkins-ci.plugins:support-core

Severity

Critical

Classification

CWE-94 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Mitigation Third Party Advisory