admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 03:27:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-12-26 08:00:38 +00:00
parent 5d63965a05
commit abd126fd1b
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
1 changed files with 99 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
2022/4xxx/CVE-2022-4742.json Normal file
View File

@ -0,0 +1,99 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-4742",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, has been found in json-pointer. Affected by this issue is the function set of the file index.js. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. The name of the patch is 859c9984b6c407fc2d5a0a7e47c7274daa681941. It is recommended to apply a patch to fix this issue. VDB-216794 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in json-pointer entdeckt. Hierbei geht es um die Funktion set der Datei index.js. Mittels Manipulieren mit unbekannten Daten kann eine improperly controlled modification of object prototype attributes ('prototype pollution')-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Patch wird als 859c9984b6c407fc2d5a0a7e47c7274daa681941 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
"cweId": "CWE-1321"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "json-pointer",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.216794",
"refsource": "MISC",
"name": "https://vuldb.com/?id.216794"
},
{
"url": "https://vuldb.com/?ctiid.216794",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.216794"
},
{
"url": "https://github.com/manuelstofer/json-pointer/pull/36",
"refsource": "MISC",
"name": "https://github.com/manuelstofer/json-pointer/pull/36"
},
{
"url": "https://github.com/manuelstofer/json-pointer/commit/859c9984b6c407fc2d5a0a7e47c7274daa681941",
"refsource": "MISC",
"name": "https://github.com/manuelstofer/json-pointer/commit/859c9984b6c407fc2d5a0a7e47c7274daa681941"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
}
]
}
}