Description
The dot package v1.1.2 uses Function() to compile templates. This can be exploited by an attacker who can control the template being compiled, or who can control a value set on Object.prototype.
Remediation
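The following is an added example, not text from this advisory or code from the doT project. It shows the two defensive checks the description implies: compile only templates from a trusted source, and never let a settings lookup fall through to Object.prototype. It assumes doT-style settings keys (evaluate, interpolate, ..., varname) and that a missing key would otherwise be resolved through the prototype chain; the real compiler (e.g. doT.template) is passed in by the caller, and all sample values are constructed.

```javascript
// Added example, not code from the advisory or from the doT project.
// doT builds JavaScript source from a template string and hands it to
// Function(); delimiters and the variable name of the generated function
// come from a settings object. Assumption: a settings key that is not an
// own property resolves through Object.prototype, so prototype pollution
// can inject text into that source. These helpers fail closed on both
// vectors the advisory names: untrusted settings and untrusted templates.

// Settings keys a doT-style compiler reads (assumed list).
const SETTINGS_KEYS = ["evaluate", "interpolate", "encode", "use", "define",
  "conditional", "iterate", "varname", "strip", "append", "selfcontained"];

const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Settings keys that `settings` would resolve through its prototype chain.
// A non-empty result means a polluted Object.prototype would reach Function().
function inheritedSettingsKeys(settings) {
  return SETTINGS_KEYS.filter((k) => !hasOwn(settings, k) && k in settings);
}

// Enumerable own keys on Object.prototype; normally none. Merge-style
// pollution typically creates enumerable properties, so this is a cheap
// pre-compile detection check (a heuristic, not proof of a clean runtime).
function prototypePollutionKeys() {
  return Object.keys(Object.prototype);
}

// Copies settings into a null-prototype object so no lookup can fall through
// to Object.prototype; throws on a missing key instead of inheriting it.
function hardenSettings(source) {
  const safe = Object.create(null);
  for (const k of SETTINGS_KEYS) {
    if (!hasOwn(source, k)) {
      throw new Error(`settings key "${k}" is not an own property; refusing`);
    }
    safe[k] = source[k];
  }
  return safe;
}

// Returns a compiler that accepts only templates registered at startup,
// uses hardened settings, and refuses to run if pollution is detected.
// `compile` is the real compiler, e.g. doT.template, supplied by the caller.
function makeGuardedCompiler(trustedTemplates, settings, compile) {
  const allowed = new Set(trustedTemplates);
  const safe = hardenSettings(settings);
  return (template) => {
    if (!allowed.has(template)) throw new Error("template not from a trusted source");
    if (prototypePollutionKeys().length) throw new Error("Object.prototype is polluted");
    return compile(template, safe);
  };
}
```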
References
https://hackerone.com/reports/390929