Skip to the content.

CVE-2022-29823 - Feathers - Query “__proto__” is converted to real prototype

CVE CVE-2022-29823
Case DIVD-2022-00020
Discovered by
  • Thomas Rinsma and Kevin Valk (Codean)
Credits
  • Discovered by Thomas Rinsma and Kevin Valk (Codean)
Products Feather js:
  • Feathers-Sequalize
Versions Feather js:
  • Feathers-Sequalize
    • 6.x (< 6.3.4)
Page author Victor Pasman
CVSS Base score: 10
References
Last modified 08 Dec 2022 16:28

Description

Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.


JSON version