CVE-2020-7637
Prototype Pollution vulnerability in class-transformer
What is CVE-2020-7637 About?
This vulnerability affects class-transformer through 0.2.3 and is categorized as Prototype Pollution. It allows attackers to manipulate object prototypes, which can lead to various impacts including denial of service or remote code execution. Exploitation is relatively straightforward once an attacker can control specific input values.
Affected Software
Technical Details
The 'classToPlainFromExist' function in class-transformer is susceptible to Prototype Pollution. An attacker can craft a payload containing '__proto__' as a property key within data processed by this function. When such a payload is processed, the '__proto__' key is resolved as the object's prototype rather than stored as an ordinary property, so writes made through it land on 'Object.prototype'. Because every plain object inherits from 'Object.prototype', the injected or modified properties become visible to all objects in the application, enabling broad impact.
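To make the mechanism concrete, here is an added example (not class-transformer's own code) of a minimal "copy source into an existing target" routine of the kind the text describes, in an unsafe form and a hardened form, with a check that reveals whether 'Object.prototype' was touched. The payload is constructed for the demonstration and the value it injects is harmless.

```javascript
// Property names that resolve to the prototype chain on plain objects.
const UNSAFE_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
// Constructed payload: JSON.parse yields an OWN property named '__proto__',
// which a naive recursive copy then treats as an ordinary path.
const PAYLOAD_JSON = '{"name":"alice","__proto__":{"polluted":true}}';

// Unsafe: target['__proto__'] evaluates to Object.prototype, so the
// recursion writes the nested keys onto the shared prototype.
function mergeUnsafe(target, source) {
  for (const key in source) {
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      if (target[key] === null || typeof target[key] !== 'object') target[key] = {};
      mergeUnsafe(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Hardened: skip prototype-chain keys and recurse only into the target's own
// properties, so no write can leave the target object graph.
function mergeSafe(target, source) {
  for (const key of Object.keys(source)) {
    if (UNSAFE_KEYS.has(key)) continue;
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      if (!hasOwn(target, key) || target[key] === null || typeof target[key] !== 'object') target[key] = {};
      mergeSafe(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

const isPolluted = () => ({}).polluted === true; // a fresh object must never see it

// Unsafe merge, then undo the pollution so the rest of the process is unaffected.
function demonstrateUnsafe() {
  mergeUnsafe({}, JSON.parse(PAYLOAD_JSON));
  const hit = isPolluted();
  delete Object.prototype.polluted;
  return hit;
}
function demonstrateSafe() {
  const out = mergeSafe({}, JSON.parse(PAYLOAD_JSON));
  return { polluted: isPolluted(), name: out.name, ownProto: hasOwn(out, '__proto__') };
}
```

The same `isPolluted` style probe (reading a sentinel property off a fresh `{}`) is a cheap runtime check to run after deserializing untrusted input in test suites.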
What is the Impact of CVE-2020-7637?
Successful exploitation may allow attackers to inject arbitrary properties into global object prototypes, leading to denial of service, data tampering, or potentially remote code execution in vulnerable applications.
What is the Exploitability of CVE-2020-7637?
Exploitation typically involves providing specially crafted input to the vulnerable function. The complexity is low, as it primarily requires controlling the structure and content of data that gets processed. Authentication and privilege requirements are generally low or non-existent, depending on where the vulnerable function is exposed. This is often a remote vulnerability, requiring an attacker to send malicious data over the network. The main constraint is the ability to submit data that eventually passes through the vulnerable 'classToPlainFromExist' function. Risk factors include applications that deserialize untrusted user input without proper sanitization.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2020-7637?
Available Upgrade Options
- class-transformer
- <0.3.1 → Upgrade to 0.3.1
Additional Resources
- https://github.com/typestack/class-transformer/commit/8f04eb9db02de708f1a20f6f2d2bb309b2fed01e
- https://nvd.nist.gov/vuln/detail/CVE-2020-7637
- https://snyk.io/vuln/SNYK-JS-CLASSTRANSFORMER-564431
- https://osv.dev/vulnerability/GHSA-6gp3-h3jj-prx4
- https://github.com/typestack/class-transformer
- https://github.com/typestack/class-transformer/blob/a650d9f490573443f62508bc063b857bcd5e2525/src/ClassTransformer.ts#L29-L31
What are Similar Vulnerabilities to CVE-2020-7637?
Similar Vulnerabilities: CVE-2020-28282, CVE-2020-28503, CVE-2020-7660, CVE-2019-11358, CVE-2019-10747
