CVE-2022-21824

CVE-2022-21824

Name

CVE-2022-21824

Description

Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.

NVD Severity

high

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Issue Tracking	https://hackerone.com/reports/1431042
Release Notes	https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
Third Party Advisory	https://security.netapp.com/advisory/ntap-20220325-0007/
MISC	https://www.oracle.com/security-alerts/cpuapr2022.html
Third Party Advisory	https://www.debian.org/security/2022/dsa-5170
Third Party Advisory	https://www.oracle.com/security-alerts/cpujul2022.html
Third Party Advisory	https://security.netapp.com/advisory/ntap-20220729-0004/
Mailing List	https://lists.debian.org/debian-lts-announce/2022/10/msg00006.html

Type

URI

Issue Tracking

https://hackerone.com/reports/1431042

Release Notes

https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/

Third Party Advisory

https://security.netapp.com/advisory/ntap-20220325-0007/

MISC

https://www.oracle.com/security-alerts/cpuapr2022.html

Third Party Advisory

https://www.debian.org/security/2022/dsa-5170

Third Party Advisory

https://www.oracle.com/security-alerts/cpujul2022.html

Third Party Advisory

https://security.netapp.com/advisory/ntap-20220729-0004/

Mailing List

https://lists.debian.org/debian-lts-announce/2022/10/msg00006.html

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:nodejs:node.js:::::lts:::*`	nodejs	>= 12.0.0	< 12.22.9
`cpe:2.3:a:nodejs:node.js:::::lts:::*`	nodejs	>= 14.0.0	< 14.18.3
`cpe:2.3:a:nodejs:node.js:::::lts:::*`	nodejs	>= 16.0.0	< 16.13.2
`cpe:2.3:a:nodejs:node.js:::::-:::*`	nodejs	>= 17.0.0	< 17.3.1

CPE URI

Source package

Min version

Max version

cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*

nodejs

>= 12.0.0

< 12.22.9

cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*

nodejs

>= 14.0.0

< 14.18.3

cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*

nodejs

>= 16.0.0

< 16.13.2

cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*

nodejs

>= 17.0.0

< 17.3.1

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
openjdk11	edge-community	11.0.15_p10-r0	Simon Frankenberger <simon-alpine@fraho.eu>	fixed
openjdk11	3.22-community	11.0.15_p10-r0	None	fixed
openjdk11	3.21-community	11.0.15_p10-r0	None	fixed
openjdk11	3.20-community	11.0.15_p10-r0	None	fixed
openjdk11	3.19-community	11.0.15_p10-r0	None	fixed
openjdk11	3.18-community	11.0.15_p10-r0	None	fixed
openjdk11	3.17-community	11.0.15_p10-r0	None	fixed
nodejs-current	edge-community	17.3.1-r0	Jose-Luis Rivas <ghostbar@riseup.net>	fixed
nodejs-current	3.22-community	17.3.1-r0	None	fixed
nodejs-current	3.21-community	17.3.1-r0	None	fixed
nodejs-current	3.20-community	17.3.1-r0	None	fixed
nodejs-current	3.19-community	17.3.1-r0	None	fixed
nodejs-current	3.18-community	17.3.1-r0	None	fixed
nodejs-current	3.17-community	17.3.1-r0	None	fixed
nodejs	edge-main	16.13.2-r0	Jakub Jirutka <jakub@jirutka.cz>	fixed
nodejs	edge-main	14.18.1-r0	Jakub Jirutka <jakub@jirutka.cz>	possibly vulnerable
nodejs	edge-main	14.17.6-r0	Jakub Jirutka <jakub@jirutka.cz>	possibly vulnerable
nodejs	edge-main	14.17.5-r0	Jakub Jirutka <jakub@jirutka.cz>	possibly vulnerable
nodejs	edge-main	14.17.4-r0	Jakub Jirutka <jakub@jirutka.cz>	possibly vulnerable
nodejs	edge-main	14.16.1-r0	None	possibly vulnerable
nodejs	edge-main	14.16.0-r0	None	possibly vulnerable
nodejs	edge-main	14.15.5-r0	None	possibly vulnerable
nodejs	edge-main	14.15.4-r0	None	possibly vulnerable
nodejs	edge-main	14.15.1-r0	None	possibly vulnerable
nodejs	edge-main	12.18.4-r0	None	possibly vulnerable
nodejs	edge-main	12.18.0-r0	None	possibly vulnerable
nodejs	edge-main	12.15.0-r0	None	possibly vulnerable
nodejs	3.22-main	16.13.2-r0	None	fixed
nodejs	3.22-main	14.18.1-r0	None	possibly vulnerable
nodejs	3.22-main	14.17.6-r0	None	possibly vulnerable
nodejs	3.22-main	14.17.5-r0	None	possibly vulnerable
nodejs	3.22-main	14.17.4-r0	None	possibly vulnerable
nodejs	3.22-main	14.16.1-r0	None	possibly vulnerable
nodejs	3.22-main	14.16.0-r0	None	possibly vulnerable
nodejs	3.22-main	14.15.5-r0	None	possibly vulnerable
nodejs	3.22-main	14.15.4-r0	None	possibly vulnerable
nodejs	3.22-main	14.15.1-r0	None	possibly vulnerable
nodejs	3.22-main	12.18.4-r0	None	possibly vulnerable
nodejs	3.22-main	12.18.0-r0	None	possibly vulnerable
nodejs	3.22-main	12.15.0-r0	None	possibly vulnerable
nodejs	3.21-main	16.13.2-r0	None	fixed
nodejs	3.21-main	14.18.1-r0	None	possibly vulnerable
nodejs	3.21-main	14.17.6-r0	None	possibly vulnerable
nodejs	3.21-main	14.17.5-r0	None	possibly vulnerable
nodejs	3.21-main	14.17.4-r0	None	possibly vulnerable
nodejs	3.21-main	14.16.1-r0	None	possibly vulnerable
nodejs	3.21-main	14.16.0-r0	None	possibly vulnerable
nodejs	3.21-main	14.15.5-r0	None	possibly vulnerable
nodejs	3.21-main	14.15.4-r0	None	possibly vulnerable
nodejs	3.21-main	14.15.1-r0	None	possibly vulnerable
nodejs	3.21-main	12.18.4-r0	None	possibly vulnerable
nodejs	3.21-main	12.18.0-r0	None	possibly vulnerable
nodejs	3.21-main	12.15.0-r0	None	possibly vulnerable
nodejs	3.20-main	16.13.2-r0	None	fixed
nodejs	3.20-main	14.18.1-r0	None	possibly vulnerable
nodejs	3.20-main	14.17.6-r0	None	possibly vulnerable
nodejs	3.20-main	14.17.5-r0	None	possibly vulnerable
nodejs	3.20-main	14.17.4-r0	None	possibly vulnerable
nodejs	3.20-main	14.16.1-r0	None	possibly vulnerable
nodejs	3.20-main	14.16.0-r0	None	possibly vulnerable
nodejs	3.20-main	14.15.5-r0	None	possibly vulnerable
nodejs	3.20-main	14.15.4-r0	None	possibly vulnerable
nodejs	3.20-main	14.15.1-r0	None	possibly vulnerable
nodejs	3.20-main	12.18.4-r0	None	possibly vulnerable
nodejs	3.20-main	12.18.0-r0	None	possibly vulnerable
nodejs	3.20-main	12.15.0-r0	None	possibly vulnerable
nodejs	3.19-main	16.13.2-r0	None	fixed
nodejs	3.19-main	14.18.1-r0	None	possibly vulnerable
nodejs	3.19-main	14.17.6-r0	None	possibly vulnerable
nodejs	3.19-main	14.17.5-r0	None	possibly vulnerable
nodejs	3.19-main	14.17.4-r0	None	possibly vulnerable
nodejs	3.19-main	14.16.1-r0	None	possibly vulnerable
nodejs	3.19-main	14.16.0-r0	None	possibly vulnerable
nodejs	3.19-main	14.15.5-r0	None	possibly vulnerable
nodejs	3.19-main	14.15.4-r0	None	possibly vulnerable
nodejs	3.19-main	14.15.1-r0	None	possibly vulnerable
nodejs	3.19-main	12.18.4-r0	None	possibly vulnerable
nodejs	3.19-main	12.18.0-r0	None	possibly vulnerable
nodejs	3.19-main	12.15.0-r0	None	possibly vulnerable
nodejs	3.18-main	16.13.2-r0	None	fixed
nodejs	3.17-main	16.13.2-r0	None	fixed
nodejs	3.12-main	12.22.10-r0	Jakub Jirutka <jakub@jirutka.cz>	fixed

Source package

Branch

Version

Maintainer

Status

openjdk11

edge-community

11.0.15_p10-r0

Simon Frankenberger <simon-alpine@fraho.eu>

fixed

openjdk11

3.22-community