estree-util-value-to-estree Prototype Pollution Vulnerability

Vulnerability

A prototype pollution vulnerability exists in the estree-util-value-to-estree package, specifically in versions prior to 3.3.3. The issue arises when the valueToEstree function processes an object with a __proto__ property. Instead of treating it as a regular property, the function incorrectly interprets it as a prototype specification, leading to potential prototype pollution.

Impact

Exploitation of this vulnerability allows for prototype pollution, where an attacker can manipulate an object's prototype, potentially leading to unexpected behavior in the application.

Reproduction

To reproduce this vulnerability, use the valueToEstree function with an object that includes a __proto__ property. The generated ESTree will incorrectly reflect the prototype specification instead of the intended property value.

Remediation

Users can upgrade to estree-util-value-to-estree version 3.3.3 or later to address this vulnerability. If the input cannot be controlled, remove any __proto__ properties before passing the object to the valueToEstree function.
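As an added example (not code from the estree-util-value-to-estree package), the following sanitizer implements the second remediation step: it drops own `__proto__` keys from untrusted JSON-like data before that data is handed to `valueToEstree`, and counts them so a caller can log or reject such documents. The call into the package is assumed and appears only as a comment so the snippet runs offline.

```javascript
// Added example, not part of estree-util-value-to-estree: strip own
// "__proto__" keys from untrusted JSON-like data before calling
// valueToEstree, as the remediation advises when upgrading is not possible.
function stripProtoKeys(value, seen = new Set()) {
  // Primitives pass through unchanged.
  if (value === null || typeof value !== 'object') {
    return value;
  }
  if (seen.has(value)) {
    throw new TypeError('cyclic input is not supported');
  }
  seen.add(value);
  let out;
  if (Array.isArray(value)) {
    out = value.map((item) => stripProtoKeys(item, seen));
  } else {
    out = {};
    // Object.keys lists own enumerable keys only, so an own "__proto__"
    // property created by JSON.parse appears here while the real prototype
    // chain does not. Assigning out['__proto__'] would set the prototype,
    // so the key is skipped instead of copied.
    for (const key of Object.keys(value)) {
      if (key !== '__proto__') {
        out[key] = stripProtoKeys(value[key], seen);
      }
    }
  }
  seen.delete(value); // shared (non-cyclic) references are allowed
  return out;
}

// Returns how many own "__proto__" keys the input carries, so callers can
// log or reject suspicious documents instead of silently dropping the key.
function countProtoKeys(value) {
  if (value === null || typeof value !== 'object') return 0;
  let n = 0;
  if (!Array.isArray(value) &&
      Object.prototype.hasOwnProperty.call(value, '__proto__')) {
    n += 1;
  }
  for (const key of Object.keys(value)) {
    n += countProtoKeys(value[key]); // own "__proto__" shadows the accessor
  }
  return n;
}

// Constructed sample: JSON.parse creates an own property named "__proto__"
// rather than changing the prototype of the parsed object.
const untrusted = JSON.parse(
  '{"name":"demo","__proto__":{"polluted":true},"items":[{"__proto__":{"x":1}}]}'
);
const safe = stripProtoKeys(untrusted);
// const estree = valueToEstree(safe); // assumed call into the package
```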

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 8.4
remediation: 7.7
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.