Description

The dot package v1.1.2 uses Function() to compile templates. This can be exploited by the attacker if they can control the given template or if they can control the value set on Object.prototype.

Remediation

References

https://hackerone.com/reports/390929

Related Vulnerabilities

CVE-2020-17518 Vulnerability in maven package org.apache.flink:flink-runtime_2.12

CVE-2020-13822 Vulnerability in npm package elliptic

CVE-2017-16148 Vulnerability in npm package serve46

CVE-2021-23378 Vulnerability in npm package picotts

CVE-2021-21277 Vulnerability in npm package angular-expressions

Severity

Critical

Classification

CWE-94 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Mitigation Third Party Advisory