CVE-2019-19507 - OpenCVE

In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'name':'Array'}. This affects validate(). Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Json Pattern Validator Project	Json Pattern Validator

Configuration 1 [-]

cpe:2.3:a:json_pattern_validator_project:json_pattern_validator:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/manvel-khnkoyan/jpv/issues/6	Exploit Issue Tracking Third Party Advisory
https://www.npmjs.com/package/jpv	Product

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-12-02T16:17:45

Updated: 2019-12-02T16:17:45

Reserved: 2019-12-02T00:00:00

Link: CVE-2019-19507

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-12-02T17:15:13.187

Modified: 2019-12-19T17:42:17.280

Link: CVE-2019-19507

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'name':'Array'}. This affects validate(). Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-12-02T16:17:45", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/manvel-khnkoyan/jpv/issues/6"}, {"tags": ["x_refsource_MISC"], "url": "https://www.npmjs.com/package/jpv"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-19507", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'name':'Array'}. This affects validate(). Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/manvel-khnkoyan/jpv/issues/6", "refsource": "MISC", "url": "https://github.com/manvel-khnkoyan/jpv/issues/6"}, {"name": "https://www.npmjs.com/package/jpv", "refsource": "MISC", "url": "https://www.npmjs.com/package/jpv"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-19507", "datePublished": "2019-12-02T16:17:45", "dateReserved": "2019-12-02T00:00:00", "dateUpdated": "2019-12-02T16:17:45", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:json_pattern_validator_project:json_pattern_validator:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F1083D2-D514-48D7-884F-CBC15FE194F7", "versionEndExcluding": "2.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'name':'Array'}. This affects validate(). Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result."}, {"lang": "es", "value": "En jpv (tambi\u00e9n se conoce como Json Pattern Validator) versiones anteriores a 2.1.1, la funci\u00f3n compareCommon() se puede omitir porque ciertos atributos internos pueden ser sobrescritos por medio de un nombre en conflicto, como es demostrado por 'constructor': {'name':'Array'}. Esto afecta a la funci\u00f3n validate(). Por lo tanto, una carga \u00fatil dise\u00f1ada puede sobrescribir este atributo incorporado para manipular el resultado de detecci\u00f3n de tipo."}], "id": "CVE-2019-19507", "lastModified": "2019-12-19T17:42:17.280", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-12-02T17:15:13.187", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/manvel-khnkoyan/jpv/issues/6"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.npmjs.com/package/jpv"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}