expr-eval

Possible Prototype Pollution

Open yoshino-s opened this issue 4 years ago • 6 comments

I have found a possible prototype pollution vuln in this package. With specific input, attackers can define properties on the prototype, which will lead to prototype pollution.

Also, I have made a tiny fix to prevent access to the prototype, which may fix this vuln.

https://github.com/418sec/expr-eval/pull/1

Should we accept the PR or write some alert to users to not use untrusted input?

yoshino-s, Mar 29 '21 02:03

Thanks for finding and fixing this! I had it create a pull request (#252) and I'll make sure it gets merged and released soon.

silentmatt, Mar 29 '21 21:03

Thanks a lot.

yoshino-s, Mar 30 '21 00:03

By the way, should we submit it to GitHub security advisory and npm advisory, which will automatically alert downstream packages and apps? And can we apply for a CVE ID for the vuln, which can help me a lot? Thanks a lot.

yoshino-s, Mar 31 '21 13:03

Any progress here?

yoshino-s, Jun 01 '21 14:06

Any reason why this issue is still open?

motherthestate, Jan 04 '22 08:01

Despite a fix being merged there's been no release yet :(

It would be great if we could cut a 2.0.3 release

willstott101, Jan 10 '22 16:01