spmrc Prototype Pollution Vulnerability Allowing Denial-of-Service
Vulnerability
A prototype pollution vulnerability has been identified in the spmrc package, in versions through 1.2.0. The issue is in the set and config functions, where improper handling of user input allows attackers to inject properties into Object.prototype. Exploitation can lead to denial-of-service conditions, because the modified prototype can disrupt normal object behavior.
Impact
Exploitation of this vulnerability allows prototype pollution, where an attacker can inject properties into the prototype of built-in JavaScript objects. This can cause denial-of-service conditions by disrupting the expected behavior of objects and, in some cases, could lead to arbitrary code execution, depending on the context.
Reproduction
To reproduce this vulnerability, use spmrc version 1.2.0 or earlier. The vulnerability is triggered by calling the .set() method with a payload that includes nested property paths, such as '__proto__.pollutedProp'. Because the '__proto__' path segment is followed like any other key, the specified property is injected into the prototype of a built-in JavaScript object rather than into the configuration object itself.
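The dotted-path pattern described above, next to a hardened form, as an added example that is not spmrc's own code: unsafeSet, safeSet and demo are hypothetical names, and the inputs are constructed. It shows what a fix or a wrapper around a path-based setter needs to check.

```javascript
// Added illustration: hypothetical helpers, not spmrc's actual source.
const BLOCKED = new Set(['__proto__', 'constructor', 'prototype']);

// Vulnerable pattern: every path segment is followed, including '__proto__'.
function unsafeSet(target, path, value) {
  const keys = path.split('.');
  let node = target;
  for (const key of keys.slice(0, -1)) {
    if (typeof node[key] !== 'object' || node[key] === null) node[key] = {};
    node = node[key];
  }
  node[keys[keys.length - 1]] = value;
  return target;
}

// Hardened pattern: reject prototype-reaching segments and only descend
// into properties the object itself owns.
function safeSet(target, path, value) {
  const keys = String(path).split('.');
  if (keys.some((k) => k === '' || BLOCKED.has(k))) {
    throw new Error(`refusing unsafe config key: ${path}`);
  }
  let node = target;
  for (const key of keys.slice(0, -1)) {
    const own = Object.prototype.hasOwnProperty.call(node, key);
    if (!own || typeof node[key] !== 'object' || node[key] === null) {
      node[key] = Object.create(null); // no prototype chain to climb
    }
    node = node[key];
  }
  node[keys[keys.length - 1]] = value;
  return target;
}

// Constructed demo using the payload shape from the advisory text.
function demo() {
  const result = {};
  unsafeSet({}, '__proto__.pollutedProp', 'yes');
  result.pollutedAfterUnsafe = ({}).pollutedProp === 'yes';
  delete Object.prototype.pollutedProp; // undo the pollution
  try {
    safeSet({}, '__proto__.pollutedProp', 'yes');
    result.safeRejected = false;
  } catch (err) { result.safeRejected = true; }
  result.pollutedAfterSafe = 'pollutedProp' in {};
  result.normalWrite = safeSet({}, 'user.name', 'alice').user.name;
  return result;
}
console.log(demo());
```

The same blocklist check can be applied to untrusted keys before they reach any path-based setter that cannot be upgraded.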
