Home > Vulnerability Database > CVE-2021-4245

Mend.io Vulnerability Database

CVE-2021-4245

Good to know:

Date: December 15, 2022

A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The exploit has been disclosed to the public and may be used. The name of the patch is c006ce9faa43d31edb34924f1df7b79c137096cf. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215883.

Language: TYPE_SCRIPT

Severity Score

9.8

Related Resources (5)

Url: https://github.com/chbrown/rfc6902/commit/c006ce9faa43d31edb34924f1df7b79c137096cf

Url: https://vuldb.com/?id.215883

Url: https://github.com/chbrown/rfc6902/pull/76

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-4245

Url: https://www.mend.io/vulnerability-database/CVE-2021-4245

Severity Score

9.8

Weakness Type (CWE)

Code Injection

CWE-94

Injection

CWE-74

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-1321

Top Fix

Upgrade Version

Upgrade to version rfc6902 - 5.0.0

Learn More

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2021-4245

Good to know:

Date: December 15, 2022

Language: TYPE_SCRIPT

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?