CVE-2023-45811

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Oct 17, 2023
Updated: Oct 25, 2023
CWE ID 1321

Summary

CVE-2023-45811 is a __proto__ pollution vulnerability that affects versions before v2.4.4 of the Synchrony deobfuscator, a JavaScript cleaner and deobfuscator. This vulnerability allows crafted input to modify properties in the Object prototype, potentially leading to arbitrary code execution. To remediate this issue, users are advised to upgrade to version 2.4.4 of the deobfuscator. If upgrading is not possible, launching node with the [--disable-proto=delete] or [--disable-proto=throw] flags can mitigate the vulnerability's impact. The potential danger posed by this vulnerability is high, with a CVSS base severity rating of HIGH and impacts on integrity and confidentiality.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45811 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options