A question about CVE-2022-24999
heheda1212138 opened this issue
heheda1212138 commented
Hi, I'm looking at the CVE-2022-24999 vulnerability, but I'm confused about how Prototype Pollution is caused. I read the source code, and I think the [hasOwnProperty] function has filtered the 'proto' attribution, and even if I set 'allowPrototype' as true, it will assign an object to 'proto', so it won't cause Prototype Pollution.
So, if you can give me some hint, I'll appreciate it very much!
Jordan Harband commented
As you can see from the linked PR, #428, it's not actually "prototype pollution" in that it doesn't pollute any shared [[Prototype]] objects - but it can pollute the prototype of the resulting parsed object, which can cause bugs in server code.
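Added illustration, not part of the original thread and not the library's code: the distinction drawn in the reply above, shown on a hand-built object, together with a check that flags parsed values whose [[Prototype]] is not a standard one. The sample shape, the `verified` property and the function names are assumptions made for this example; no parser is invoked.

```javascript
// Prototypes a plain parsed value is expected to have.
const EXPECTED = new Set([Object.prototype, Array.prototype, null]);

// Walk a parsed tree and return the paths of objects whose [[Prototype]]
// is not one of the expected ones. Only own enumerable keys are visited.
function findUnexpectedPrototypes(value, path = '$', seen = new WeakSet(), out = []) {
  if (value === null || typeof value !== 'object' || seen.has(value)) return out;
  seen.add(value);
  if (!EXPECTED.has(Object.getPrototypeOf(value))) out.push(path);
  for (const key of Object.keys(value)) {
    findUnexpectedPrototypes(value[key], `${path}.${key}`, seen, out);
  }
  return out;
}

// Constructed sample: stands in for a parse result whose nested object "a"
// ended up with a replaced prototype (hypothetical shape, built by hand).
function buildSample() {
  const inner = { name: 'x' };
  Object.setPrototypeOf(inner, { verified: true });
  return { a: inner, b: { c: [1, 2] } };
}

function demo() {
  const parsed = buildSample();
  return {
    // The inherited value is visible through ordinary property access...
    inheritedRead: parsed.a.verified,
    // ...although it is not an own property of the parsed object,
    isOwn: Object.prototype.hasOwnProperty.call(parsed.a, 'verified'),
    // and the shared Object.prototype is untouched, so unrelated objects are unaffected.
    sharedPolluted: 'verified' in {},
    // The walker reports only the object with the replaced prototype.
    flagged: findUnexpectedPrototypes(parsed),
  };
}

console.log(demo());
```

Server code that reads such a value with plain property access sees the inherited field, which is why own-property checks or a prototype check like the one above belong before parsed input is trusted.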