Vulnerability identifier: #VU88224
Vulnerability risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID:
CWE-ID: CWE-1321
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
JSONata
Other software / Other software solutions
Vendor: andrew-coleman
Description
The vulnerability allows a remote attacker to execute arbitrary JavaScript code.
The vulnerability exists because a malicious expression can use the transform operator to override properties on the `Object` constructor and prototype. A remote attacker can pass specially crafted input to the application and perform prototype pollution, which can result in denial of service, remote code execution or other unexpected behavior in applications that evaluate user-provided JSONata expressions.
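The following is an added example, not code from the JSONata project or from this advisory. It shows the defender-side checks an application that evaluates untrusted expressions can apply regardless of library version: a canary that snapshots the own properties of `Object` and `Object.prototype`, runs an expression through whatever evaluator is passed in, and reports anything added or replaced on those roots; and a hardening step that freezes the roots at process start. The evaluator used here (`simulatedVulnerableEvaluate`) is a constructed stand-in that performs the kind of write the advisory describes so the code runs offline; it does not parse JSONata. In a real service the evaluator argument would be a wrapper around `jsonata(expr).evaluate(input)`, and the canary complements, rather than replaces, upgrading to the fixed release.

```javascript
'use strict';

// Added example (not code from the JSONata project): a pollution canary and a
// hardening guard for applications that evaluate untrusted expressions.

// The roots a prototype-pollution write usually lands on.
const ROOTS = { 'Object.prototype': Object.prototype, 'Object': Object };

// Record every own property of each root together with the identity of its
// value, getter and setter, so both added and overwritten members show up.
function snapshotRoots() {
  const snap = new Map();
  for (const [label, root] of Object.entries(ROOTS)) {
    for (const name of Reflect.ownKeys(root)) {
      const d = Object.getOwnPropertyDescriptor(root, name);
      snap.set(`${label}.${String(name)}`, [d.value, d.get, d.set]);
    }
  }
  return snap;
}

// Diff the live roots against a snapshot. Returns human-readable findings;
// an empty array means nothing on the roots was added or replaced.
function detectPollution(snap) {
  const findings = [];
  for (const [label, root] of Object.entries(ROOTS)) {
    for (const name of Reflect.ownKeys(root)) {
      const key = `${label}.${String(name)}`;
      const d = Object.getOwnPropertyDescriptor(root, name);
      const prev = snap.get(key);
      if (prev === undefined) {
        findings.push(`added ${key}`);
      } else if (prev[0] !== d.value || prev[1] !== d.get || prev[2] !== d.set) {
        findings.push(`replaced ${key}`);
      }
    }
  }
  return findings;
}

// Run any evaluator (e.g. a wrapper around jsonata(expr).evaluate(input)) and
// check the roots afterwards. Non-empty findings should be treated as an
// incident: log them, fail the request and consider the process tainted.
function evaluateWithCanary(evaluate, expression, input) {
  const snap = snapshotRoots();
  let result, error;
  try {
    result = evaluate(expression, input);
  } catch (e) {
    error = e;
  }
  return { result, error, findings: detectPollution(snap) };
}

// Hardening: freeze the roots at process start so a pollution write throws a
// TypeError (strict mode) or is ignored (sloppy mode) instead of succeeding.
// Caveat: libraries that legitimately extend Object.prototype will break.
function freezeRoots() {
  Object.freeze(Object.prototype);
  Object.freeze(Object);
}

// Constructed stand-in for a vulnerable evaluator so the canary can be
// exercised offline: on the marker expression it performs the kind of write
// the advisory describes (a property added to Object.prototype); otherwise it
// just echoes its input. It does not parse JSONata.
function simulatedVulnerableEvaluate(expression, input) {
  if (expression === 'POLLUTE_MARKER') {
    Object.prototype.canaryMarker = true;
  }
  return input;
}

// Exercise the canary against the stand-in and remove the fixture's write.
function runCanaryDemo() {
  const benign = evaluateWithCanary(simulatedVulnerableEvaluate, '$.a', { a: 1 });
  const hostile = evaluateWithCanary(simulatedVulnerableEvaluate, 'POLLUTE_MARKER', { a: 1 });
  delete Object.prototype.canaryMarker;
  return { benignFindings: benign.findings, hostileFindings: hostile.findings };
}

console.log(runCanaryDemo());
// → { benignFindings: [], hostileFindings: [ 'added Object.prototype.canaryMarker' ] }
```

The canary is not specific to JSONata: it flags any evaluator, template engine or deep-merge routine that touches the `Object` roots, which is why it is a useful regression check in a test suite for services that accept user-supplied expressions. `freezeRoots()` must run before any module that expects to extend `Object.prototype`, and it only blocks writes to the roots themselves, so input objects that hold user-controlled keys should still be created with `Object.create(null)` or a `Map`.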
Mitigation
Install updates from the vendor's website (the vulnerable range ends at 2.0.3; see the v2.0.4 release link below).
Vulnerable software versions
JSONata: 1.4 - 2.0.3
External links
http://github.com/jsonata-js/jsonata/security/advisories/GHSA-fqg8-vfv7-8fj8
http://github.com/jsonata-js/jsonata/commit/1d579dbe99c19fbe509f5ba2c6db7959b0d456d1
http://github.com/jsonata-js/jsonata/commit/335d38f6278e96c908b24183f1c9c90afc8ae00c
http://github.com/jsonata-js/jsonata/commit/c907b5e517bb718015fcbd993d742ba6202f2be2
http://github.com/jsonata-js/jsonata/releases/tag/v2.0.4
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.