2000734 – (CVE-2021-3757) CVE-2021-3757 nodejs-immer: prototype pollution may lead to DoS or remote code execution

Bug 2000734 (CVE-2021-3757) - CVE-2021-3757 nodejs-immer: prototype pollution may lead to DoS or remote code execution

Summary: CVE-2021-3757 nodejs-immer: prototype pollution may lead to DoS or remote cod...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2021-3757
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2003615 2003617 2003618 2006296 2006297 2006298 2006862 2006863 2007205 2007206 2007207 2007209
Blocks:	2000735
TreeView+	depends on / blocked

Reported:	2021-09-02 19:15 UTC by Guilherme de Almeida Suckevicz
Modified:	2023-09-01 01:26 UTC (History)
CC List:	30 users (show)
Fixed In Version:	immer 9.0.6
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in immer when manipulates object attributes such as _proto_, constructor and prototype. An attacker can manipulate these values by overwriting and polluting them. Those attributes would be inherited by JavaScript objects which could trigger exception handlers and leading into a denial of service attack.
Clone Of:
Environment:
Last Closed:	2021-11-29 14:39:15 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2021:4848	0	None	None	None	2021-11-29 14:32:35 UTC

Description Guilherme de Almeida Suckevicz 2021-09-02 19:15:46 UTC

immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Reference:
https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa

Upstream patch:
https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237

Comment 12 errata-xmlrpc 2021-11-29 14:32:33 UTC

This issue has been addressed in the following products:

  Red Hat Migration Toolkit for Containers 1.5

Via RHSA-2021:4848 https://access.redhat.com/errata/RHSA-2021:4848

Comment 13 Product Security DevOps Team 2021-11-29 14:39:12 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3757

Note You need to log in before you can comment on or make changes to this bug.

amuller
anpicker
aos-bugs
bmontgom
dymurray
eparis
erooth
fcanogab
gghezzo
gparvin
ibolton
jburrell
jmatthew
jmontleo
jnakfour
jokerman
jramanat
jwendell
kaycoth
nstielau
pahickey
rcernich
rfreiman
slucidi
spasquie
sponnaga
sseago
stcannon
twalsh
vkumar