Rewterz Threat Advisory – CVE-2022-22138 – Node.js fast-string-search module Vulnerability
June 21, 2022Rewterz Threat Advisory – CVE-2022-21213 – Node.js mout module Vulnerability
June 21, 2022Rewterz Threat Advisory – CVE-2022-22138 – Node.js fast-string-search module Vulnerability
June 21, 2022Rewterz Threat Advisory – CVE-2022-21213 – Node.js mout module Vulnerability
June 21, 2022Severity
High
Analysis Summary
CVE-2022-21231
Node.js deep-get-set module is vulnerable to a denial of service, caused by a prototype pollution flaw in the deep function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-21231
Affected Vendors
Node.js
Affected Products
Node.js deep-get-set 1.1.1
Remediation
Upgrade to the latest version of deep-get-set, available from the NPM Web site.
NPM Web site