Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2021-23438

High

9.8/10

Summary

A Type Confusion vulnerability was present in the mpath package versions prior to 0.8.4 that could lead to a bypass of CVE-2018-16490. In particular, the condition "ignoreProperties.indexOf(parts[i]) !== -1" returns "-1" "if parts[i] are ['__proto__']". This is because the method that has been called if the input is an array is "Array.prototype.indexOf()" and not "String.prototype.indexOf()". They behave differently depending on the type of input.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

References

Advisory Timeline

Published Sep 01, 2021

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2021-23438

Summary

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS