Prototype Pollution

Affecting org.webjars.bower:angular artifact, versions [1.4.6,1.7.9)


Overview

org.webjars.bower:angular is a Bower WebJar packaging of AngularJS.

Affected versions of this package are vulnerable to Prototype Pollution. The function merge() could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.

PoC by Snyk

angular.merge({}, JSON.parse('{"__proto__": {"xxx": "polluted"}}'));
console.log(({}).xxx);
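The PoC above works because JSON.parse() produces an own property literally named "__proto__", and a recursive merge that walks into dst["__proto__"] lands on Object.prototype. The following is an added example, not AngularJS's code or Snyk's PoC: a naive merge that exhibits the bug, a hardened merge that skips the prototype-polluting keys (__proto__, constructor, prototype) and only merges into own properties of the target, and a scanner that flags such keys in untrusted input before it reaches a merge. The function and variable names are this example's own.

```javascript
// Keys an untrusted object must never be allowed to carry through a merge.
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function isPlainObject(value) {
  return value !== null && typeof value === 'object' && !Array.isArray(value);
}

// Vulnerable pattern (illustration only): recursing into dst[key] for
// key === "__proto__" reaches Object.prototype, so nested keys land there.
function unsafeMerge(dst, src) {
  for (const key of Object.keys(src)) {
    const value = src[key];
    if (isPlainObject(value)) {
      if (!isPlainObject(dst[key])) dst[key] = {};
      unsafeMerge(dst[key], value);
    } else {
      dst[key] = value;
    }
  }
  return dst;
}

// Hardened merge: drop forbidden keys outright, and only descend into a
// child that is an own, plain-object property of dst (never an inherited one).
function safeMerge(dst, src) {
  for (const key of Object.keys(src)) {
    if (FORBIDDEN_KEYS.has(key)) continue;
    const value = src[key];
    if (isPlainObject(value)) {
      const ownChild =
        Object.prototype.hasOwnProperty.call(dst, key) && isPlainObject(dst[key]);
      if (!ownChild) dst[key] = {};
      safeMerge(dst[key], value);
    } else {
      dst[key] = value;
    }
  }
  return dst;
}

// Input validation / detection: return the dotted paths of every forbidden key
// found anywhere in a parsed JSON document, so the request can be rejected or logged.
function findPollutionKeys(obj, path = '') {
  const hits = [];
  if (!isPlainObject(obj)) return hits;
  for (const key of Object.keys(obj)) {
    const here = path ? `${path}.${key}` : key;
    if (FORBIDDEN_KEYS.has(key)) hits.push(here);
    hits.push(...findPollutionKeys(obj[key], here));
  }
  return hits;
}

// Runs both merges against a constructed payload shaped like the advisory's PoC
// and reports what each did to Object.prototype. The pollution caused by the
// unsafe merge is undone before returning so the process is left clean.
function demo() {
  const payload = JSON.parse('{"__proto__": {"xxx": "polluted"}, "a": {"b": 1}}');

  const flagged = findPollutionKeys(payload);

  unsafeMerge({}, payload);
  const unsafePolluted = ({}).xxx === 'polluted';
  delete Object.prototype.xxx; // clean up after the vulnerable demonstration

  const merged = safeMerge({}, payload);
  const safePolluted = ({}).xxx !== undefined;

  return { flagged, unsafePolluted, safePolluted, merged };
}

console.log(demo());
// { flagged: ['__proto__'], unsafePolluted: true, safePolluted: false, merged: { a: { b: 1 } } }
```

The hasOwnProperty check in safeMerge matters beyond __proto__: without it, a key such as "toString" would make the merge descend into the inherited Object.prototype.toString and try to attach properties to it. Rejecting input up front with findPollutionKeys gives a log line to alert on, whereas silently skipping the key inside the merge only prevents the damage.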

Remediation

Upgrade org.webjars.bower:angular to version 1.7.9 or higher.


CVSS Score

7.3
high severity
  • Attack Vector
    Network
  • Attack Complexity
    Low
  • Privileges Required
    None
  • User Interaction
    None
  • Scope
    Unchanged
  • Confidentiality
    Low
  • Integrity
    Low
  • Availability
    Low
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Credit
Snyk Security Team
CVE
CVE-2019-10768
CWE
CWE-400
Snyk ID
SNYK-JAVA-ORGWEBJARSBOWER-539653
Disclosed
06 Nov, 2019
Published
19 Nov, 2019