CVE-2022-41714

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-41714

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41714.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-41714

Aliases

GHSA-p5g9-rjcf-95vj

Published

2022-11-03T20:15:31Z

Modified

2025-07-29T10:41:27.334530Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

fastest-json-copy version 1.0.1 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the 'proto' property to be edited.

References

Affected packages

Git / github.com/streamich/fastest-json-copy

Affected ranges

Type: GIT
Repo: https://github.com/streamich/fastest-json-copy
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

cbd70313d1f3f99dd621bf7986a72db44241e542

Affected versions

v1.*

v1.0.0

v1.0.1