{"affected_release": [{"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el7", "package": "automation-hub-0:4.2.2-1.el7pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 7", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el7", "package": "python3-django-0:2.2.18-1.el7pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 7", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el7", "package": "python-bleach-0:3.3.0-1.el7pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 7", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el7", "package": "python-bleach-allowlist-0:1.0.3-1.el7pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 7", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el7", "package": "python-galaxy-importer-0:0.2.15-1.el7pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 7", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el7", "package": "python-galaxy-ng-0:4.2.2-1.el7pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 7", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el7", "package": "python-pulp-ansible-1:0.5.6-1.el7pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 7", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el8", "package": "automation-hub-0:4.2.2-1.el8pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 8", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": 
"cpe:/a:redhat:ansible_automation_platform:4.2::el8", "package": "python3-django-0:2.2.18-1.el8pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 8", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el8", "package": "python-bleach-0:3.3.0-1.el8pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 8", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el8", "package": "python-bleach-allowlist-0:1.0.3-1.el8pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 8", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el8", "package": "python-galaxy-importer-0:0.2.15-1.el8pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 8", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el8", "package": "python-galaxy-ng-0:4.2.2-1.el8pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 8", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0781", "cpe": "cpe:/a:redhat:ansible_automation_platform:4.2::el8", "package": "python-pulp-ansible-1:0.5.6-1.el8pc", "product_name": "Red Hat Automation Hub 4.2 for RHEL 8", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2020:5499", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:12-8030020201124152102.229f0a1c", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-12-15T00:00:00Z"}, {"advisory": "RHSA-2021:0548", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:10-8030020210118191659.229f0a1c", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-02-16T00:00:00Z"}, {"advisory": "RHSA-2021:0551", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:14-8030020210126165503.229f0a1c", "product_name": "Red Hat Enterprise Linux 8", 
"release_date": "2021-02-16T00:00:00Z"}, {"advisory": "RHSA-2020:4298", "cpe": "cpe:/a:redhat:openshift:4.6::el8", "impact": "low", "package": "openshift4/ose-console:v4.6.0-202010100121.p0", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2020-10-27T00:00:00Z"}, {"advisory": "RHSA-2020:4298", "cpe": "cpe:/a:redhat:openshift:4.6::el8", "impact": "low", "package": "openshift4/ose-prometheus:v4.6.0-202009290409.p0", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2020-10-27T00:00:00Z"}, {"advisory": "RHSA-2021:3917", "cpe": "cpe:/a:redhat:quay:3::el8", "package": "quay/quay-rhel8:v3.6.0-62", "product_name": "Red Hat Quay 3", "release_date": "2021-10-19T00:00:00Z"}, {"advisory": "RHSA-2020:5305", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs12-nodejs-0:12.19.1-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2020-12-01T00:00:00Z"}, {"advisory": "RHSA-2021:0421", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs14-nodejs-0:14.15.4-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0521", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs10-nodejs-0:10.23.1-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2021-02-15T00:00:00Z"}, {"advisory": "RHSA-2020:5305", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs12-nodejs-0:12.19.1-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2020-12-01T00:00:00Z"}, {"advisory": "RHSA-2021:0421", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs14-nodejs-0:14.15.4-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", 
"release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0521", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs10-nodejs-0:10.23.1-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2021-02-15T00:00:00Z"}, {"advisory": "RHSA-2020:5305", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs12-nodejs-0:12.19.1-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2020-12-01T00:00:00Z"}, {"advisory": "RHSA-2021:0421", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs14-nodejs-0:14.15.4-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2021-02-04T00:00:00Z"}, {"advisory": "RHSA-2021:0521", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs10-nodejs-0:10.23.1-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2021-02-15T00:00:00Z"}], "bugzilla": {"description": "nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function", "id": "1857977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-471", "details": ["An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.)", "A flaw was found in nodejs-ajv. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. 
While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code."], "name": "CVE-2020-15366", "package_state": [{"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Fix deferred", "impact": "low", "package_name": "kiali", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Fix deferred", "impact": "low", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift3/ose-console", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift4/ose-grafana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:1", "fix_state": "Will not fix", "package_name": "kubevirt-web-ui", "product_name": "Red Hat OpenShift Virtualization 1"}], "public_date": "2020-07-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-15366\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-15366\nhttps://snyk.io/vuln/SNYK-JS-AJV-584908"], "statement": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-ajv library to authenticated users only, therefore the impact is low.", "threat_severity": "Moderate"}