CVE-2022-24999
qs vulnerable to Prototype Pollution
Severity: HIGH 7.5 | EPSS: 1.5%
Published: 2022/11/27 | Modified: 2025/4/29
Description
qs before 6.10.3 allows attackers to cause a Node process hang because an `__proto__` key can be used. In many typical web framework use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as `a[__proto__]=b&a[__proto__]&a[length]=100000000`. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4.
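As a defensive complement to upgrading, a request filter or log check can flag query strings that name prototype-related keys in bracket notation, the shape of the payload above. The following is an added example, not code from the advisory or the qs project; the forbidden-segment list and the sample queries are constructed here.

```javascript
// Added example: detect query-string keys such as a[__proto__] before a
// vulnerable qs version parses them. Segments considered prototype-related
// are an assumption of this example, not a list taken from the advisory.
const FORBIDDEN_SEGMENTS = new Set(['__proto__', 'constructor', 'prototype']);

// Splits a raw key like "a[__proto__][x]" into ["a", "__proto__", "x"],
// percent-decoding first so "a%5B__proto__%5D" is treated the same way.
function keySegments(rawKey) {
  let key;
  try {
    key = decodeURIComponent(rawKey.replace(/\+/g, ' '));
  } catch (e) {
    key = rawKey; // malformed escape sequence: inspect the raw text instead
  }
  const head = key.indexOf('[');
  if (head === -1) return [key]; // plain key, e.g. "__proto__" on its own
  const segments = [key.slice(0, head)];
  const re = /\[([^\]]*)\]/g;
  let m;
  while ((m = re.exec(key)) !== null) segments.push(m[1]);
  return segments;
}

// Returns the raw keys in a query string (without the leading "?") that
// contain a forbidden segment; an empty array means the query looks clean.
function findPrototypeKeys(queryString) {
  const hits = [];
  for (const pair of queryString.split('&')) {
    if (pair === '') continue;
    const eq = pair.indexOf('=');
    const rawKey = eq === -1 ? pair : pair.slice(0, eq);
    if (keySegments(rawKey).some((s) => FORBIDDEN_SEGMENTS.has(s))) hits.push(rawKey);
  }
  return hits;
}

// Constructed samples: the advisory's payload, an encoded variant, a benign query.
const SAMPLE_QUERIES = [
  'a[__proto__]=b&a[__proto__]&a[length]=100000000',
  'a%5B__proto__%5D=b',
  'page=2&sort[field]=name',
];

for (const q of SAMPLE_QUERIES) {
  const hits = findPrototypeKeys(q);
  console.log(hits.length ? `REJECT ${q} (${hits.join(', ')})` : `ok     ${q}`);
}
```

Run this check on the raw query string before handing the request to the framework's parser; a non-empty result is a reason to reject the request and to alert on the source.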
Affected packages (3)
- Debian/node-qs: from 0, < 6.9.4+ds-1+deb11u1
- Debian/node-qs: from 0, < 6.5.2-1+deb10u1
- npm/qs: >= 6.10.0, < 6.10.3
CVSS score
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
References (17)
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2022-24999
- ADVISORY: https://security-tracker.debian.org/tracker/CVE-2022-24999
- PATCH: https://github.com/ljharb/qs
- WEB: https://github.com/expressjs/express/releases/tag/4.17.3
- WEB: https://github.com/ljharb/qs/commit/4310742efbd8c03f6495f07906b45213da0a32ec
- WEB: https://github.com/ljharb/qs/commit/727ef5d34605108acb3513f72d5435972ed15b68
- WEB: https://github.com/ljharb/qs/commit/73205259936317b40f447c5cdb71c5b341848e1b
- WEB: https://github.com/ljharb/qs/commit/8b4cc14cda94a5c89341b77e5fe435ec6c41be2d
- WEB: https://github.com/ljharb/qs/commit/ba24e74dd17931f825adb52f5633e48293b584e1
- WEB: https://github.com/ljharb/qs/commit/e799ba57e573a30c14b67c1889c7c04d508b9105
- WEB: https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f
- WEB: https://github.com/ljharb/qs/commit/f945393cfe442fe8c6e62b4156fd35452c0686ee
- WEB: https://github.com/ljharb/qs/commit/fc3682776670524a42e19709ec4a8138d0d7afda
- WEB: https://github.com/ljharb/qs/pull/428
- WEB: https://github.com/n8tz/CVE-2022-24999
- WEB: https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html
- WEB: https://security.netapp.com/advisory/ntap-20230908-0005