Summaryinfo

A vulnerability has been found in chbrown rfc6902 and classified as problematic. This affects an unknown function of the file pointer.ts. Performing a manipulation results in prototype pollution. This vulnerability was named CVE-2021-4245. In addition, an exploit is available. To fix this issue, it is recommended to deploy a patch. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Detailsinfo

A vulnerability classified as problematic has been found in chbrown rfc6902 (the affected version unknown). This affects an unknown part of the file pointer.ts. The manipulation with an unknown input leads to a prototype pollution vulnerability. CWE is classifying the issue as CWE-1321. The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was presented 12/15/2022 as 76. It is possible to read the advisory at github.com. This vulnerability is uniquely identified as CVE-2021-4245. Technical details and a public exploit are known. The attack technique deployed by this issue is T1059 according to MITRE ATT&CK.

The exploit is shared for download at github.com. It is declared as proof-of-concept.

Applying the patch c006ce9faa43d31edb34924f1df7b79c137096cf is able to eliminate this problem. The bugfix is ready for download at github.com.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Vendor

• chbrown

Name

• rfc6902

License

• open-source

Website

• Product: https://github.com/chbrown/rfc6902/

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion