mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 18:42:46 +00:00
1.9 KiB
1.9 KiB
CVE-2021-23436
Description
This affects the package immer before 9.0.6. A type confusion vulnerability can lead to a bypass of CVE-2020-28477 when the user-provided keys used in the path parameter are arrays. In particular, this bypass is possible because the condition (p === "proto" || p === "constructor") in applyPatches_ returns false if p is ['proto'] (or ['constructor']). The === operator (strict equality operator) returns false if the operands have different type.
POC
Reference
Github
- https://github.com/1345122890/1345122890
- https://github.com/1345122890/mmcloud
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Amichaii/EVERWallet
- https://github.com/Andreablog/OpenEV
- https://github.com/DanielBanasiuk/Kuliah
- https://github.com/DanilPetelin/FlutterLNotificationsp
- https://github.com/DenverCat/Yogi
- https://github.com/JuliaLiootti/PS4G
- https://github.com/MexicoBen/nInstalls
- https://github.com/NatalieYeah/robmikh
- https://github.com/Sydneypom/CModules
- https://github.com/VanconVincius/Tomasz-Mankowski
- https://github.com/WiliamBroown/Volunteer
- https://github.com/broxus/ever-wallet-browser-extension
- https://github.com/broxus/ever-wallet-browser-extension-old
- https://github.com/dellalibera/dellalibera
- https://github.com/grafana/plugin-validator
- https://github.com/khulnasoft/plugin-validator
- https://github.com/lSGerald/sentinel-officialc
- https://github.com/vitaliydrebotiz/vitaliydrebotiz