An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.)

References:
https://github.com/ajv-validator/ajv/releases/tag/v6.12.3
https://hackerone.com/bugs?subject=user&report_id=894259
Upstream Commit: https://github.com/ajv-validator/ajv/commit/988982d3fde08e3ea074e8942442834e78c45587
External References: https://snyk.io/vuln/SNYK-JS-AJV-584908
Statement: In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-ajv library to authenticated users only, therefore the impact is low.
Just FTR, this is not addressed in any stable Node.js upstream release AFAIK:
https://github.com/nodejs/node/blob/v10.x/deps/npm/node_modules/ajv/lib/dot/dependencies.jst
https://github.com/nodejs/node/blob/v12.x/deps/npm/node_modules/ajv/lib/dot/dependencies.jst
https://github.com/nodejs/node/blob/v14.x/deps/npm/node_modules/ajv/lib/dot/dependencies.jst
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.6

Via RHSA-2020:4298 https://access.redhat.com/errata/RHSA-2020:4298
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-15366
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS

Via RHSA-2020:5305 https://access.redhat.com/errata/RHSA-2020:5305

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:5499 https://access.redhat.com/errata/RHSA-2020:5499

This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS

Via RHSA-2021:0421 https://access.redhat.com/errata/RHSA-2021:0421

This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS

Via RHSA-2021:0521 https://access.redhat.com/errata/RHSA-2021:0521

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:0548 https://access.redhat.com/errata/RHSA-2021:0548

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:0551 https://access.redhat.com/errata/RHSA-2021:0551

This issue has been addressed in the following products:

  Red Hat Automation Hub 4.2 for RHEL 7
  Red Hat Automation Hub 4.2 for RHEL 8

Via RHSA-2021:0781 https://access.redhat.com/errata/RHSA-2021:0781

This issue has been addressed in the following products:

  Red Hat Quay 3

Via RHSA-2021:3917 https://access.redhat.com/errata/RHSA-2021:3917