Impact
The vulnerability exposes Aurelia application that uses aurelia-path package to parse a string. The majority of this will be Aurelia applications that employ the aurelia-router package. An example is this could allow an attacker to change the prototype of base object class Object by tricking an application to parse the following URL: https://aurelia.io/blog/?__proto__[asdf]=asdf
Patches
The problem should be patched in version 1.1.7. Any version earlier than this is vulnerable.
Workarounds
A partial work around is to free the Object prototype:
Object.freeze(Object.prototype)
References
#44
For more information
If you have any questions or comments about this advisory:
Impact
The vulnerability exposes Aurelia application that uses
aurelia-pathpackage to parse a string. The majority of this will be Aurelia applications that employ theaurelia-routerpackage. An example is this could allow an attacker to change the prototype of base object classObjectby tricking an application to parse the following URL:https://aurelia.io/blog/?__proto__[asdf]=asdfPatches
The problem should be patched in version
1.1.7. Any version earlier than this is vulnerable.Workarounds
A partial work around is to free the Object prototype:
References
#44
For more information
If you have any questions or comments about this advisory: