Lucene search
MitreCVE-2022-37617HistoryOct 11, 2022 - 11:15 p.m.
CVE-2022-37617
2022-10-1123:15:10
CWE-1321
mitre
web.nvd.nist.gov
30
7
cve-2022-37617
prototype pollution
resolveshims
resolve-shims.js
browserify-shim 3.8.15
security vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.003
Percentile
71.4%
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the k variable in resolve-shims.js.
Affected configurations
Node
browserify-shim_projectbrowserify-shimMatch3.8.15
| Vendor | Product | Version | CPE |
|---|---|---|---|
| browserify-shim_project | browserify-shim | 3.8.15 | cpe:2.3:a:browserify-shim_project:browserify-shim:3.8.15:*:*:*:*:*:*:* |
References
Social References
More
Related
osv
osv
thlorenz browserify-shim vulnerable to prototype pollution
2022-10-12 12:00:18
CVE-2022-37617
2022-10-11 23:15:10
github
github
thlorenz browserify-shim vulnerable to prototype pollution
2022-10-12 12:00:18
veracode
veracode
Prototype Pollution
2022-10-19 02:58:45
prion
prion
Code injection
2022-10-11 23:15:00
cvelist
cvelist
CVE-2022-37617
2022-10-11 00:00:00
nvd
nvd
CVE-2022-37617
2022-10-11 23:15:10
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.003
Percentile
71.4%
Related for CVE-2022-37617