ts-fns Prototype Pollution Vulnerability
Vulnerability
A prototype pollution vulnerability exists in the ts-fns package in versions prior to 13.0.7. The issue arises in the 'assign' function, where inadequate validation of user-supplied keys allows attackers to manipulate the Object.prototype chain. This manipulation can lead to the injection of arbitrary properties into Object.prototype, which every ordinary object inherits, causing application crashes, unexpected code execution, or bypassing security validation that relies on prototype integrity. The vulnerability is due to improper handling of deep property assignment in the library's public API.
Impact
Exploitation of this vulnerability allows for prototype pollution, which can disrupt the application's prototype chain, potentially leading to arbitrary code execution, application crashes, or bypassing critical security validations that depend on the integrity of the prototype.
Reproduction
To reproduce this vulnerability, use a version of the ts-fns package prior to 13.0.7. The 'assign' function can be called with user-defined keys that traverse the prototype chain, such as '__proto__'. The function's lack of proper input validation will allow the injection of properties into Object.prototype, which can then be exploited to disrupt the application or execute arbitrary code.
Remediation
Users should update to ts-fns version 13.0.7 or later, where this vulnerability has been addressed.
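For readers who maintain their own deep-assignment helper or want a guard while upgrading, the following is an added example and not ts-fns code: a path-based assign that refuses the prototype-affecting keys the advisory describes (`__proto__`, as well as `constructor` and `prototype`, which reach Object.prototype by another route), only descends into own properties of the target, and a small check that confirms Object.prototype has not acquired a property. The function name `safeAssign`, its `(target, path, value)` signature and the dotted-path convention are assumptions for illustration, not the ts-fns API.

```javascript
// Added example, not ts-fns code. Demonstrates a deep-assign that cannot
// be steered onto a shared prototype, plus a detection check.

// Path segments that would redirect the write from the target object onto
// Object.prototype (directly via __proto__, or via constructor.prototype).
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function isForbiddenKey(key) {
  return FORBIDDEN_KEYS.has(key);
}

// safeAssign(target, path, value) - hypothetical helper, not ts-fns's API.
// path is 'a.b.c' or ['a', 'b', 'c']. Rejects forbidden segments before
// touching the target, and creates intermediate objects only as own
// properties so an inherited value is never walked into.
function safeAssign(target, path, value) {
  if (target === null || typeof target !== 'object') {
    throw new TypeError('target must be an object');
  }
  const segments = Array.isArray(path) ? path.slice() : String(path).split('.');
  if (segments.length === 0 || segments.some((s) => s === '')) {
    throw new TypeError('path must contain at least one non-empty segment');
  }
  for (const seg of segments) {
    if (isForbiddenKey(seg)) {
      throw new Error(`refusing to assign through prototype key "${seg}"`);
    }
  }
  let node = target;
  for (let i = 0; i < segments.length - 1; i++) {
    const seg = segments[i];
    const own = Object.prototype.hasOwnProperty.call(node, seg);
    if (!own || node[seg] === null || typeof node[seg] !== 'object') {
      node[seg] = {}; // fresh own object; never reuse an inherited value
    }
    node = node[seg];
  }
  node[segments[segments.length - 1]] = value;
  return target;
}

// Detection check: true when no object inherits `prop` from Object.prototype.
// Useful as a post-condition in tests around any deep-merge/assign code.
function prototypeIsClean(prop) {
  return (
    !Object.prototype.hasOwnProperty.call(Object.prototype, prop) &&
    ({})[prop] === undefined
  );
}

// Constructed demo: one legitimate write, one write through a forbidden
// key (rejected), then verify Object.prototype is untouched.
function demo() {
  const target = {};
  safeAssign(target, 'config.debug', true);
  let rejected = false;
  try {
    safeAssign(target, '__proto__.polluted', 'yes');
  } catch (e) {
    rejected = true;
  }
  return { target, rejected, clean: prototypeIsClean('polluted') };
}
```

The key-denylist runs over the whole path before any write, so a rejected call leaves the target unchanged. Descending only into own, plain-object properties matters as much as the denylist: a segment that happens to name an inherited object would otherwise let the next write land outside the target.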
