Description

The dot package v1.1.2 uses Function() to compile templates. This can be exploited by the attacker if they can control the given template or if they can control the value set on Object.prototype.

Remediation

References

https://hackerone.com/reports/390929

Related Vulnerabilities

CVE-2018-19289 Vulnerability in npm package valine

CVE-2020-7646 Vulnerability in npm package curlrequest

CVE-2021-27516 Vulnerability in maven package org.webjars.npm:urijs

CVE-2020-15119 Vulnerability in maven package org.webjars.npm:auth0-lock

CVE-2022-24881 Vulnerability in maven package com.hccake:ballcat-codegen

Severity

Critical

Classification

CWE-94 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Mitigation Third Party Advisory