Security Fix for Prototype Pollution - huntr.dev

[huntr-helper]

https://huntr.dev/users/d3m0n-r00t has fixed the Prototype Pollution vulnerability 🔨. Think you could fix a vulnerability like this?

Get involved at https://huntr.dev/

Q | A
Version Affected | ALL
Bug Fix | YES
Original Pull Request | 418sec#1
Vulnerability README | https://github.com/418sec/huntr/blob/master/bounties/npm/simple-deep-assign/1/README.md

User Comments:

📊 Metadata *

Fixed Prototype pollution in simple-deep-assign.

Bounty URL: https://www.huntr.dev/bounties/1-npm-simple-deep-assign

⚙️ Description *

simple-deep-assign is vulnerable to Prototype Pollution.

💻 Technical Description *

The package is vulnerable to Prototype pollution in the deepAssgin function. This vulnerability is fixed by filtering the keywords that causes pollution from the object.

🐛 Proof of Concept (PoC) *

// poc.mjs
import deepAssign from 'simple-deep-assign';

console.log('Before: ', {}.polluted})
deepAssign({}, JSON.parse('{"__proto__": {"polluted": "Prototype Polluted"}}'));
console.log('After: ', {}.polluted})

Before: undefined
After: Prototype Polluted

🔥 Proof of Fix (PoF) *

After fix:

👍 User Acceptance Testing (UAT)

All ok.

🔗 Relates to...

Provide the URL of the PR for the disclosure that this fix relates to.