CVE-2019-19507: Validation bypass is possible in Json Pattern Validator

CVSS Score (v3.1)
5.3

Basic Information

EPSS Score
0.48155%
Published
12/4/2019
Updated
1/9/2023
KEV Status
No
Technology
JavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Package Name
jpv
Ecosystem
npm
Vulnerable Versions
< 2.1.1
First Patched Version
2.1.1

Vulnerability Intelligence
Root Cause Analysis

The CVE explicitly identifies compareCommon() as the vulnerable function: it performs type validation by comparing constructor.name. GitHub Issue #6 shows this check in the validation logic (a value.constructor.name comparison), which would be contained in compareCommon. The validate() function is the entry point that processes attacker-controlled JSON and calls compareCommon, so both functions are relevant for runtime detection. The root cause is trusting a mutable property (constructor, which a JSON document can define as an own property) to decide a value's type.
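The weak check described above beside a hardened one, as an added example that is not jpv's own code; the function names (isArrayByConstructorName, isArrayStrict, typeTag, demo) and the sample documents are constructed for illustration.

```javascript
// Added example (not jpv's code). Names are hypothetical.

// Weak check in the style the root-cause analysis describes: it trusts the
// value's own "constructor" property. JSON.parse creates "constructor" as an
// ordinary own property, so a document can set it to anything.
function isArrayByConstructorName(value) {
  return value !== null && typeof value === 'object' &&
    Boolean(value.constructor) && value.constructor.name === 'Array';
}

// Hardened check: Array.isArray inspects the engine's internal array flag and
// ignores own properties, so a spoofed "constructor" has no effect.
function isArrayStrict(value) {
  return Array.isArray(value);
}

// Object.prototype.toString gives the same property-independent answer for
// other built-in types, e.g. "[object Array]" or "[object Object]".
function typeTag(value) {
  return Object.prototype.toString.call(value);
}

// Constructed sample documents: a real array and a plain object that carries
// a "constructor" key shaped like the one in the CVE description.
const realArray = JSON.parse('[1, 2, 3]');
const spoofed = JSON.parse('{"constructor": {"name": "Array"}, "x": 1}');

// Returns the verdict of each check on each document.
function demo() {
  return {
    weakReal: isArrayByConstructorName(realArray),   // true
    weakSpoofed: isArrayByConstructorName(spoofed),  // true: check bypassed
    strictReal: isArrayStrict(realArray),            // true
    strictSpoofed: isArrayStrict(spoofed),           // false: rejected
    spoofedTag: typeTag(spoofed),                    // "[object Object]"
  };
}
```

The difference between weakSpoofed and strictSpoofed is the whole bug: a validator that keys on constructor.name accepts the plain object as an array, while a validator that uses Array.isArray or Object.prototype.toString does not.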

CVE Description

In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'name':'Array'}. This affects validate(). Hence, a cra
