Lucene search

PRIOn knowledge basePRION:CVE-2021-4307

HistoryJan 07, 2023 - 8:15 p.m.

Design/Logic Flaw

2023-01-0720:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

yomguithereal baobab

critical

design/logic flaw

prototype pollution

remote attack

upgrade

patch

vdb-217627

9.5 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.5%

JSON

A vulnerability was found in Yomguithereal Baobab up to 2.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). The attack can be launched remotely. Upgrading to version 2.6.1 is able to address this issue. The patch is named c56639532a923d9a1600fb863ec7551b188b5d19. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217627.

CPENameOperatorVersion
baobabge2.0.0
baobablt2.6.1

CPE	Name	Operator	Version
	baobab	ge	2.0.0
	baobab	lt	2.6.1

References

github.com/Yomguithereal/baobab/commit/c56639532a923d9a1600fb863ec7551b188b5d19

github.com/Yomguithereal/baobab/pull/511

github.com/Yomguithereal/baobab/releases/tag/2.6.1

vuldb.com/?ctiid.217627

vuldb.com/?id.217627