Bug 2004944 (CVE-2021-23440)
Summary: CVE-2021-23440 nodejs-set-value: type confusion allows bypass of CVE-2019-10747

Field | Value | Field | Value
---|---|---|---
Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak>
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team>
Status: | CLOSED WONTFIX | QA Contact: |
Severity: | medium | Docs Contact: |
Priority: | medium | |
Version: | unspecified | CC: | amctagga, amuller, anpicker, aos-bugs, bdettelb, bmontgom, eparis, erooth, etamir, ewolinet, extras-orphan, gghezzo, gparvin, hvyas, jburrell, jcantril, jokerman, jramanat, jwendell, mwringe, nbecker, nstielau, ocs-bugs, pahickey, periklis, ploffay, rcernich, spasquie, sponnaga, stcannon, twalsh, vkumar
Target Milestone: | --- | Keywords: | Security
Target Release: | --- | |
Hardware: | All | |
OS: | Linux | |
Whiteboard: | | |
Fixed In Version: | set-value 4.0.1 | Doc Type: | If docs needed, set a value
Doc Text: | A type confusion vulnerability in nodejs-set-value can lead to a bypass of CVE-2019-10747. If the user-provided keys used in the path parameter are arrays, the function mixin-deep can be tricked into adding or modifying properties of Object.prototype using any of the `constructor`, `prototype`, or `__proto__` payloads. This vulnerability can impact data confidentiality, integrity, and availability. | |
Story Points: | --- | |
Clone Of: | | Environment: |
Last Closed: | 2021-11-08 14:50:46 UTC | Type: | ---
Regression: | --- | Mount Type: | ---
Documentation: | --- | CRM: |
Verified Versions: | | Category: | ---
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: |
Cloudforms Team: | --- | Target Upstream Version: |
Embargoed: | | |
Bug Depends On: | 1999601, 2004945, 2006743, 2012071, 2012072, 2012073, 2012074, 2012075, 2012076, 2012077, 2012078, 2012079, 2012080, 2012081, 2013239, 2013240, 2013241, 2016080 | |
Bug Blocks: | 2004947 | |
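As an added example (not code from set-value, from the upstream fix, or from this bug report), a JavaScript path setter that handles the array-typed path segments the Doc Text describes: the string-only check is shown beside a hardened one that rejects non-string segments before anything is written. The function names are assumptions.

```javascript
// Added example, not code from set-value or from this bug report.
// It shows why a string-only blocklist misses the array-typed path
// segments described in the Doc Text, and a check that does not.
// Names (naiveIsUnsafeKey, isUnsafeKey, setPath, demo) are assumptions.
'use strict';

const UNSAFE_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// String-only comparison. An array segment such as ['__proto__'] is never
// === to the string, so it passes, yet node[key] still coerces it to the
// property name '__proto__' (ToPropertyKey). That is the type confusion.
function naiveIsUnsafeKey(key) {
  return key === '__proto__' || key === 'constructor' || key === 'prototype';
}

// Hardened check: accept only string or number segments, and compare the
// coerced form so nothing reaches a prototype-affecting property name.
function isUnsafeKey(key) {
  if (typeof key !== 'string' && typeof key !== 'number') return true;
  return UNSAFE_KEYS.has(String(key));
}

// Sets target[seg0][seg1]... = value, creating plain objects on the way.
// Every segment is validated before the first write, so a rejected path
// leaves the target untouched.
function setPath(target, path, value) {
  const segments = Array.isArray(path) ? path : String(path).split('.');
  if (segments.length === 0) throw new TypeError('empty path');
  for (const seg of segments) {
    if (isUnsafeKey(seg)) throw new TypeError('unsafe path segment');
  }
  let node = target;
  for (let i = 0; i < segments.length - 1; i++) {
    const key = segments[i];
    // typeof null is 'object', hence the explicit null check
    if (node[key] === null || typeof node[key] !== 'object') node[key] = {};
    node = node[key];
  }
  node[segments[segments.length - 1]] = value;
  return target;
}

// Constructed inputs: a normal path and one whose first segment is an
// array, the shape the Doc Text says bypasses the CVE-2019-10747 fix.
const normalPath = ['a', 'b'];
const arrayKeyPath = [['__proto__'], 'polluted'];

// True when the hardened setter rejected the array-keyed path and
// Object.prototype gained no 'polluted' property.
function demo() {
  let rejected = false;
  try { setPath({}, arrayKeyPath, 'x'); } catch (e) { rejected = e instanceof TypeError; }
  return rejected && !('polluted' in {});
}
```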
Description
Marian Rehak
2021-09-16 13:35:03 UTC
Created nodejs-set-value tracking bugs for this issue:

Affects: fedora-33 [bug 2004945]

Downgrading the impact to Moderate, as this does not qualify for Important severity Red Hat rating.

Upstream PR and fix:
https://github.com/jonschlinkert/set-value/pull/33
https://github.com/jonschlinkert/set-value/commit/7cf8073bb06bf0c15e08475f9f952823b4576452

This issue has been addressed in the following products:

Red Hat Advanced Cluster Management for Kubernetes 2.2 for RHEL 8
Red Hat Advanced Cluster Management for Kubernetes 2.2 for RHEL 7

Via RHSA-2021:5038 https://access.redhat.com/errata/RHSA-2021:5038

This issue has been addressed in the following products:

Red Hat OpenShift Data Foundation 4.11 on RHEL8

Via RHSA-2022:6156 https://access.redhat.com/errata/RHSA-2022:6156