CVE-2020-15366

An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.)

Weakness

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

Affected Software

Name	Vendor	Start Version	End Version
Ajv	Ajv.js	6.12.2 (including)	6.12.2 (including)
Red Hat Automation Hub 4.2 for RHEL 7	RedHat	automation-hub-0:4.2.2-1.el7pc	*
Red Hat Automation Hub 4.2 for RHEL 7	RedHat	python3-django-0:2.2.18-1.el7pc	*
Red Hat Automation Hub 4.2 for RHEL 7	RedHat	python-bleach-0:3.3.0-1.el7pc	*
Red Hat Automation Hub 4.2 for RHEL 7	RedHat	python-bleach-allowlist-0:1.0.3-1.el7pc	*
Red Hat Automation Hub 4.2 for RHEL 7	RedHat	python-galaxy-importer-0:0.2.15-1.el7pc	*
Red Hat Automation Hub 4.2 for RHEL 7	RedHat	python-galaxy-ng-0:4.2.2-1.el7pc	*
Red Hat Automation Hub 4.2 for RHEL 7	RedHat	python-pulp-ansible-1:0.5.6-1.el7pc	*
Red Hat Automation Hub 4.2 for RHEL 8	RedHat	automation-hub-0:4.2.2-1.el8pc	*
Red Hat Automation Hub 4.2 for RHEL 8	RedHat	python3-django-0:2.2.18-1.el8pc	*
Red Hat Automation Hub 4.2 for RHEL 8	RedHat	python-bleach-0:3.3.0-1.el8pc	*
Red Hat Automation Hub 4.2 for RHEL 8	RedHat	python-bleach-allowlist-0:1.0.3-1.el8pc	*
Red Hat Automation Hub 4.2 for RHEL 8	RedHat	python-galaxy-importer-0:0.2.15-1.el8pc	*
Red Hat Automation Hub 4.2 for RHEL 8	RedHat	python-galaxy-ng-0:4.2.2-1.el8pc	*
Red Hat Automation Hub 4.2 for RHEL 8	RedHat	python-pulp-ansible-1:0.5.6-1.el8pc	*
Red Hat Enterprise Linux 8	RedHat	nodejs:12-8030020201124152102.229f0a1c	*
Red Hat Enterprise Linux 8	RedHat	nodejs:10-8030020210118191659.229f0a1c	*
Red Hat Enterprise Linux 8	RedHat	nodejs:14-8030020210126165503.229f0a1c	*
Red Hat OpenShift Container Platform 4.6	RedHat	openshift4/ose-console:v4.6.0-202010100121.p0	*
Red Hat OpenShift Container Platform 4.6	RedHat	openshift4/ose-prometheus:v4.6.0-202009290409.p0	*
Red Hat Quay 3	RedHat	quay/quay-rhel8:v3.6.0-62	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	rh-nodejs12-nodejs-0:12.19.1-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	rh-nodejs14-nodejs-0:14.15.4-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	rh-nodejs10-nodejs-0:10.23.1-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	rh-nodejs12-nodejs-0:12.19.1-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	rh-nodejs14-nodejs-0:14.15.4-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	rh-nodejs10-nodejs-0:10.23.1-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	rh-nodejs12-nodejs-0:12.19.1-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	rh-nodejs14-nodejs-0:14.15.4-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	rh-nodejs10-nodejs-0:10.23.1-2.el7	*
Node-ajv	Ubuntu	bionic	*
Node-ajv	Ubuntu	eoan	*
Node-ajv	Ubuntu	focal	*
Node-ajv	Ubuntu	trusty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-15366
CWE	https://cwe.mitre.org/data/definitions/1321.html

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Weakness

Affected Software

Potential Mitigations

References

CVE-2020-15366

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References