CVE-2023-28427

HIGH8.2EPSS 0.60%

Prototype pollution in matrix-js-sdk (part 2)

Published: 3/30/2023Modified: 11/8/2023
Also known as:GHSA-mwq8-fjpf-c2grDEBIAN-CVE-2023-28427

Description

### Impact In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the `Object.prototype`, disrupting matrix-js-sdk functionality, causing denial of service and potentially affecting program logic. (This is part 2, where [CVE-2022-36059](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36059) / [GHSA-rfv9-x7hh-xc32](https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32) is part 1. Part 2 covers remaining vectors not covered by part 1, found in a codebase audit scheduled after part 1.) ### Patches The issue has been patched in matrix-js-sdk 24.0.0. ### Workarounds None. ### References - [Release blog post](https://matrix.org/blog/2023/03/28/security-releases-matrix-js-sdk-24-0-0-and-matrix-react-sdk-3-69-0) - The advisory [GHSA-rfv9-x7hh-xc32](https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32) ([CVE-2022-36059](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36059)) refers to an initial set of vulnerable locations discovered and patched in matrix-js-sdk 19.4.0. We opted not to disclose that advisory while we performed an audit of the codebase and are now disclosing it jointly with this one. ### For more information If you have any questions or comments about this advisory please email us at [security at matrix.org](mailto:[email protected]).

Affected packages (3)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1HIGH8.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

References (9)