Rewterz Threat Advisory – CVE-2022-21231 – Node.js deep-get-set module Vulnerability
June 21, 2022Rewterz Threat Alert – Nanocore Rat – Active IOCs
June 21, 2022Rewterz Threat Advisory – CVE-2022-21231 – Node.js deep-get-set module Vulnerability
June 21, 2022Rewterz Threat Alert – Nanocore Rat – Active IOCs
June 21, 2022Severity
High
Analysis Summary
CVE-2022-21213
Node.js mout module is vulnerable to a denial of service, caused by a prototype pollution flaw in the deepFillIn function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-21213
Affected Vendors
Node.js
Affected Products
Node.js mout 1.2.3
Remediation
Upgrade to the latest version of mout, available from the NPM Web site.
NPM Web site