Vulnerabilities > CVE-2022-37614 - Unspecified vulnerability in Mockery Project Mockery 2.1.0

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

mockery-project

critical

NVD

Published: 2022-10-12

Updated: 2024-11-21

Summary

Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js.

Vulnerable Configurations

Part	Description	Count
Application	Mockery_Project Mockery Project Mockery 2.1.0	1

References

https://github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js#L119
https://github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js#L62
https://github.com/mfncooper/mockery/issues/77
https://github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js#L119
https://github.com/mfncooper/mockery/issues/77
https://github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js#L62