Description

The dot package v1.1.2 uses Function() to compile templates. This can be exploited by the attacker if they can control the given template or if they can control the value set on Object.prototype.

Remediation

References

https://hackerone.com/reports/390929

Related Vulnerabilities

CVE-2020-1938 Vulnerability in maven package org.apache.tomcat:tomcat-coyote

CVE-2020-7777 Vulnerability in npm package jsen

CVE-2022-25937 Vulnerability in npm package glance

CVE-2022-31129 Vulnerability in maven package org.webjars.bower:moment

CVE-2022-31023 Vulnerability in maven package com.typesafe.play:play_2.13

Severity

Critical

Classification

CWE-94 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Mitigation Third Party Advisory