CVE-2021-23438

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-23438

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23438.json

Aliases

GHSA-p92x-r36w-9395
SNYK-JAVA-ORGWEBJARSNPM-1579548
SNYK-JS-MPATH-1577289

Published

2021-09-01T19:15:07Z

Modified

2023-11-29T08:42:48.962055Z

Details

This affects the package mpath before 0.8.4. A type confusion vulnerability can lead to a bypass of CVE-2018-16490. In particular, the condition ignoreProperties.indexOf(parts[i]) !== -1 returns -1 if parts[i] is ['proto']. This is because the method that has been called if the input is an array is Array.prototype.indexOf() and not String.prototype.indexOf(). They behave differently depending on the type of the input.

References

Affected packages

Git / github.com/aheckmann/mpath

Affected ranges

Type: GIT
Repo: https://github.com/aheckmann/mpath
Events: Introduced

0The exact introduced commit is unknown

Fixed

634a0fa0f97bf1d00791647e3094273ba360a9ed

Type: GIT
Repo: https://github.com/mongoosejs/mpath
Events: Introduced

0The exact introduced commit is unknown

Fixed

89402d2880d4ea3518480a8c9847c541f2d824fc

Affected versions

0.*

0.0.1

0.1.0

0.1.1

0.2.0

0.2.1

0.3.0

0.4.1

0.5.0

0.5.1

0.5.2

0.6.0

0.7.0

0.8.0

0.8.1

0.8.2

0.8.3