{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-25645","assignerOrgId":"bae035ff-b466-4ff4-94d0-fc9efd9e1730","assignerShortName":"snyk","dateUpdated":"2024-09-17T03:28:40.013Z","dateReserved":"2022-02-24T00:00:00.000Z","datePublished":"2022-05-01T15:30:39.915Z"},"containers":{"cna":{"title":"Prototype Pollution","datePublic":"2022-05-01T00:00:00.000Z","providerMetadata":{"orgId":"bae035ff-b466-4ff4-94d0-fc9efd9e1730","shortName":"snyk","dateUpdated":"2023-09-12T07:06:07.655Z"},"descriptions":[{"lang":"en","value":"All versions of package dset are vulnerable to Prototype Pollution via 'dset/merge' mode, as the dset function checks for prototype pollution by validating if the top-level path contains __proto__, constructor or prototype. By crafting a malicious object, it is possible to bypass this check and achieve prototype pollution."}],"affected":[{"vendor":"n/a","product":"dset","versions":[{"version":"0","status":"affected","lessThan":"unspecified","versionType":"custom"}]}],"references":[{"url":"https://snyk.io/vuln/SNYK-JS-DSET-2330881"},{"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2431974"},{"url":"https://github.com/lukeed/dset/blob/master/src/merge.js%23L9"},{"url":"https://github.com/lukeed/dset/pull/38"}],"credits":[{"lang":"en","value":"Oscar Arnflo"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L/E:P","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW","exploitCodeMaturity":"PROOF_OF_CONCEPT","remediationLevel":"NOT_DEFINED","reportConfidence":"NOT_DEFINED","baseScore":6.5,"temporalScore":6.2,"baseSeverity":"MEDIUM","temporalSeverity":"MEDIUM"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Prototype Pollution"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T04:42:50.356Z"},"title":"CVE Program Container","references":[{"url":"https://snyk.io/vuln/SNYK-JS-DSET-2330881","tags":["x_transferred"]},{"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2431974","tags":["x_transferred"]},{"url":"https://github.com/lukeed/dset/blob/master/src/merge.js%23L9","tags":["x_transferred"]},{"url":"https://github.com/lukeed/dset/pull/38","tags":["x_transferred"]}]}]}}