CVE-2020-7638
Description
CVE-2020-7638 is a Prototype Pollution vulnerability in the confinit npm package, allowing attackers to add or modify Object.prototype properties via the setDeepProperty function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2020-7638 is a Prototype Pollution vulnerability in the confinit npm package, allowing attackers to add or modify Object.prototype properties via the setDeepProperty function.
CVE-2020-7638 describes a Prototype Pollution vulnerability in the confinit npm package up to version 0.3.0. The setDeepProperty function can be tricked into adding or modifying properties of Object.prototype by using a __proto__ payload in the property path [1][2]. This occurs because the function does not properly sanitize the input property path, allowing an attacker to traverse up the prototype chain and pollute the base Object prototype.
Exploitation does not require authentication or special access; the vulnerability can be triggered in any application that accepts configuration data and passes it to setDeepProperty. The attacker supplies a propertyPath string starting with __proto__, causing the function to set properties on the prototype shared by all objects in the application [1][3].
Successful Prototype Pollution can lead to denial of service by causing JavaScript exceptions, or may enable remote code execution by overwriting key application properties. Since the polluted properties are inherited by all objects, an attacker can influence application logic or bypass security checks [3].
The vulnerability was patched in commit a34e06ca5c1c8b047ef112ef188b2fe30d2a1eab, which added validation to reject invalid object types and checks for safe property paths [1]. Users should upgrade to a fixed version or apply the patch.
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| confinit (npm) | < 0.4.0 | 0.4.0 |
Affected products
2- confinit/confinitdescription
Patches
110 files changed · +154 −30
index.d.ts+3 −1 modified@@ -6,6 +6,8 @@ export declare function validate(configuration: any): void; export declare function applyEnvVariables(configuration: any, envVariables: NodeJS.ProcessEnv, envPrefix?: string): void; export declare function applyConfigFile(configuration: any, configFile: string): void; export declare function applyCommandArgs(configuration: any, argv: string[]): void; -export declare function setDeepProperty(obj: any, propertyPath: string, value: any): void; +export declare function setDeepProperty(obj: { + [key: string]: any; +}, propertyPath: string, value: any): void; export declare function getDeepProperty(obj: any, propertyPath: string): any; export declare function objectsAreEqual(obj1: any, obj2: any, leftOnly?: boolean): boolean;
index.js+38 −10 modified@@ -58,14 +58,24 @@ function applyCommandArgs(configuration, argv) { return; } debug("Appling command arguments:", parsedArgv); - if (parsedArgv.config) { - const configFile = path.resolve(process.cwd(), parsedArgv.config); + const CONFIG_PROP = 'config'; + if (parsedArgv[CONFIG_PROP]) { + const configFile = path.resolve(process.cwd(), parsedArgv[CONFIG_PROP]); applyConfigFile(configuration, configFile); } for (const key in parsedArgv) { if (!parsedArgv.hasOwnProperty(key)) { continue; } + if (key.startsWith('_')) { + continue; + } + if (key.endsWith('_')) { + continue; + } + if (key === CONFIG_PROP) { + continue; + } const configKey = key .replace(/_/g, "."); debug(`Found config value from cmd args '${key}' to '${configKey}'`); 
@@ -74,19 +84,37 @@ function applyCommandArgs(configuration, argv) { } exports.applyCommandArgs = applyCommandArgs; function setDeepProperty(obj, propertyPath, value) { - const a = splitPath(propertyPath); - const n = a.length; - for (let i = 0; i < n - 1; i++) { - const k = a[i]; - if (!(k in obj)) { - obj[k] = {}; + if (!obj) { + throw new Error("Invalid object"); + } + if (!propertyPath) { + throw new Error("Invalid property path"); + } + const pathParts = splitPath(propertyPath); + const pathPartsLen = pathParts.length; + for (let i = 0; i < pathPartsLen - 1; i++) { + const pathPart = pathParts[i]; + if (!(pathPart in obj)) { + setProp(obj, pathPart, {}); } - obj = obj[k]; + obj = getProp(obj, pathPart); } - obj[a[n - 1]] = value; + setProp(obj, pathParts[pathPartsLen - 1], value); return; } exports.setDeepProperty = setDeepProperty; +function setProp(obj, property, value) { + if (!obj.hasOwnProperty(property)) { + throw new Error(`Property '${property}' is not valid`); + } + obj[property] = value; +} +function getProp(obj, property) { + if (!obj.hasOwnProperty(property)) { + throw new Error(`Property '${property}' is not valid`); + } + return obj[property]; +} function getDeepProperty(obj, propertyPath) { let ret = obj; const a = splitPath(propertyPath);
index.js.map+1 −1 modified@@ -1 +1 @@ -{"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":";;AAAA,6BAA6B;AAE7B,+BAA+B;AAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC;AAG9B,MAAM,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;AAMtC,SAAS,SAAS,CAAC,KAAU;IAC5B,OAAO,KAAK,IAAK,KAAwB,CAAC,QAAQ,KAAK,SAAS,CAAC;AAClE,CAAC;AAED,SAAgB,QAAQ,CAAC,aAAkB;IAC1C,KAAK,MAAM,cAAc,IAAI,aAAa,EAAE;QAC3C,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE;YAClD,SAAS;SACT;QAED,MAAM,KAAK,GAAG,aAAa,CAAC,cAAc,CAAC,CAAC;QAC5C,IAAI,SAAS,CAAC,KAAK,CAAC,EAAE;YACrB,KAAK,CAAC,QAAQ,EAAE,CAAC;SACjB;KACD;AACF,CAAC;AAXD,4BAWC;AAED,SAAgB,iBAAiB,CAAC,aAAkB,EAAE,YAA+B,EAAE,SAAS,GAAG,UAAU;IAC5G,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE;QAClC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,MAAM,CAAC;eACpC,OAAO,YAAY,CAAC,MAAM,CAAC,KAAK,QAAQ;eACxC,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC;eAC7B,MAAM,CAAC,MAAM,IAAI,SAAS,CAAC,MAAM,EAAE;YACtC,SAAS;SACT;QAED,MAAM,SAAS,GAAG,MAAM;aACtB,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC;aACxB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAErB,KAAK,CAAC,gCAAgC,MAAM,SAAS,SAAS,GAAG,CAAC,CAAC;QAEnE,eAAe,CAAC,aAAa,EAAE,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;KAChE;AACF,CAAC;AAjBD,8CAiBC;AAED,SAAgB,eAAe,CAAC,aAAkB,EAAE,UAAkB;IACrE,KAAK,CAAC,uBAAuB,UAAU,EAAE,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IACnC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEd,KAAK,MAAM,cAAc,IAAI,aAAa,EAAE;QAC3C,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE;YAClD,SAAS;SACT;QAED,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC;KAC3E;AACF,CAAC;AAZD,0CAYC;AAED,SAAgB,gBAAgB,CAAC,aAAkB,EAAE,IAAc;IAClE,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;QAC1B,OAAO;KACP;IAED,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAErB,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACzC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;QACrB,OAAO;KACP;IAED,KAAK,CAAC,4BAA4B,EAAE,UAAU,CAAC,CAAC;IAEhD,IAAI,UAAU,CAAC,MAAM,EAAE;QACtB,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC
;QAClE,eAAe,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;KAC3C;IAED,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE;QAC7B,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;YACpC,SAAS;SACT;QAED,MAAM,SAAS,GAAG,GAAG;aACnB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAErB,KAAK,CAAC,qCAAqC,GAAG,SAAS,SAAS,GAAG,CAAC,CAAC;QAErE,eAAe,CAAC,aAAa,EAAE,SAAS,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;KAC3D;AACF,CAAC;AAhCD,4CAgCC;AAGD,SAAgB,eAAe,CAAC,GAAQ,EAAE,YAAoB,EAAE,KAAU;IACzE,MAAM,CAAC,GAAG,SAAS,CAAC,YAAY,CAAC,CAAC;IAClC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEf,IAAI,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,EAAE;YAChB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;SACZ;QACD,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;KACb;IAGD,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;IACtB,OAAO;AACR,CAAC;AAhBD,0CAgBC;AAED,SAAgB,eAAe,CAAC,GAAQ,EAAE,YAAoB;IAC7D,IAAI,GAAG,GAAQ,GAAG,CAAC;IAEnB,MAAM,CAAC,GAAG,SAAS,CAAC,YAAY,CAAC,CAAC;IAClC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,EAAE;QAC3B,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,EAAE;YACb,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;SACb;aAAM;YACN,OAAO;SACP;KACD;IAED,OAAO,GAAG,CAAC;AACZ,CAAC;AAhBD,0CAgBC;AAED,SAAgB,eAAe,CAAC,IAAS,EAAE,IAAS,EAAE,WAAoB,KAAK;IAC9E,IAAI,OAAM,CAAC,IAAI,CAAC,KAAK,UAAU,EAAE;QAChC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;KAClD;IAED,eAAe;IACf,IAAI,OAAM,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,SAAS,EAAE;QACrE,MAAM,UAAU,GAAG,IAAI,KAAK,IAAI,CAAC;QACjC,IAAI,UAAU,EAAE;YACf,OAAO,UAAU,CAAC;SAClB;QAED,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE;YACvC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;SAC7C;QAED,OAAO,KAAK,CAAC;KACb;IAED,sCAAsC;IACtC,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE;QACrB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE;YAC5B,SAAS;SACT;QAED,wCAAwC;QACxC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE;YAC5B,OAAO,KAAK,CAAC;SACb;QAED,IAAI,CAAC,eAAe
,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE;YACvC,OAAO,KAAK,CAAC;SACb;KACD;IAED,IAAI,CAAC,QAAQ,EAAE;QACd,0CAA0C;QAC1C,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE;YACrB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE;gBAC5B,SAAS;aACT;YAED,wCAAwC;YACxC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE;gBAC5B,OAAO,KAAK,CAAC;aACb;SACD;KACD;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAlDD,0CAkDC;AAED,SAAS,SAAS,CAAC,YAAoB;IACtC,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC,CAAC,gCAAgC;IAC1F,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAW,sBAAsB;IAChF,OAAO,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,SAAS,CAAC,KAAa;IAC/B,2CAA2C;IAC3C,MAAM,SAAS,GAAG,0QAA0Q,CAAC;IAC7R,OAAO,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC"} \ No newline at end of file +{"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":";;AAAA,6BAA6B;AAE7B,+BAA+B;AAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC;AAG9B,MAAM,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;AAMtC,SAAS,SAAS,CAAC,KAAU;IAC5B,OAAO,KAAK,IAAK,KAAwB,CAAC,QAAQ,KAAK,SAAS,CAAC;AAClE,CAAC;AAED,SAAgB,QAAQ,CAAC,aAAkB;IAC1C,KAAK,MAAM,cAAc,IAAI,aAAa,EAAE;QAC3C,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE;YAClD,SAAS;SACT;QAED,MAAM,KAAK,GAAG,aAAa,CAAC,cAAc,CAAC,CAAC;QAC5C,IAAI,SAAS,CAAC,KAAK,CAAC,EAAE;YACrB,KAAK,CAAC,QAAQ,EAAE,CAAC;SACjB;KACD;AACF,CAAC;AAXD,4BAWC;AAED,SAAgB,iBAAiB,CAAC,aAAkB,EAAE,YAA+B,EAAE,SAAS,GAAG,UAAU;IAC5G,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE;QAClC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,MAAM,CAAC;eACpC,OAAO,YAAY,CAAC,MAAM,CAAC,KAAK,QAAQ;eACxC,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC;eAC7B,MAAM,CAAC,MAAM,IAAI,SAAS,CAAC,MAAM,EAAE;YACtC,SAAS;SACT;QAED,MAAM,SAAS,GAAG,MAAM;aACtB,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC;aACxB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAErB,KAAK,CAAC,gCAAgC,MAAM,SAAS,SAAS,GAAG,CAAC,CAAC;QAEnE,eAAe,CAAC,aAAa,EAAE,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;KAChE;AACF,CAAC;AAjBD,8CAiBC;AAED,SAAgB,eAAe,CAAC,aAAkB,EAAE,UAAkB;IACrE,KAAK,CAAC,uBAAuB,UAAU,EAAE,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAA
C;IACnC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEd,KAAK,MAAM,cAAc,IAAI,aAAa,EAAE;QAC3C,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE;YAClD,SAAS;SACT;QAED,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC;KAC3E;AACF,CAAC;AAZD,0CAYC;AAED,SAAgB,gBAAgB,CAAC,aAAkB,EAAE,IAAc;IAClE,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;QAC1B,OAAO;KACP;IAED,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAErB,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACzC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;QACrB,OAAO;KACP;IAED,KAAK,CAAC,4BAA4B,EAAE,UAAU,CAAC,CAAC;IAEhD,MAAM,WAAW,GAAG,QAAQ,CAAC;IAE7B,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE;QAC5B,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;QACxE,eAAe,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;KAC3C;IAED,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE;QAC7B,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;YACpC,SAAS;SACT;QAED,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;YACxB,SAAS;SACT;QACD,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;YACtB,SAAS;SACT;QACD,IAAI,GAAG,KAAK,WAAW,EAAE;YACxB,SAAS;SACT;QAED,MAAM,SAAS,GAAG,GAAG;aACnB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAErB,KAAK,CAAC,qCAAqC,GAAG,SAAS,SAAS,GAAG,CAAC,CAAC;QAErE,eAAe,CAAC,aAAa,EAAE,SAAS,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;KAC3D;AACF,CAAC;AA5CD,4CA4CC;AAGD,SAAgB,eAAe,CAAC,GAAyB,EAAE,YAAoB,EAAE,KAAU;IAC1F,IAAI,CAAC,GAAG,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;KAClC;IACD,IAAI,CAAC,YAAY,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;KACzC;IAED,MAAM,SAAS,GAAG,SAAS,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC;IAEtC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1C,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAE9B,IAAI,CAAC,CAAC,QAAQ,IAAI,GAAG,CAAC,EAAE;YACvB,OAAO,CAAC,GAAG,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;SAC3B;QACD,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;KAC7B;IAED,OAAO,CAAC,GAAG,EAAE,SAAS,CAAC,YAAY,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACjD,OAAO;AACR,CAAC;AAtBD,0CAsBC;AAED,SAAS,OAAO,CAAC,GAAyB
,EAAE,QAAgB,EAAE,KAAU;IACvE,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,QAAQ,CAAC,EAAE;QAClC,MAAM,IAAI,KAAK,CAAC,aAAa,QAAQ,gBAAgB,CAAC,CAAC;KACvD;IACD,GAAG,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC;AACvB,CAAC;AAED,SAAS,OAAO,CAAC,GAAyB,EAAE,QAAgB;IAC3D,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,QAAQ,CAAC,EAAE;QAClC,MAAM,IAAI,KAAK,CAAC,aAAa,QAAQ,gBAAgB,CAAC,CAAC;KACvD;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC,CAAC;AACtB,CAAC;AAED,SAAgB,eAAe,CAAC,GAAQ,EAAE,YAAoB;IAC7D,IAAI,GAAG,GAAQ,GAAG,CAAC;IAEnB,MAAM,CAAC,GAAG,SAAS,CAAC,YAAY,CAAC,CAAC;IAClC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,EAAE;QAC3B,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,EAAE;YACb,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;SACb;aAAM;YACN,OAAO;SACP;KACD;IAED,OAAO,GAAG,CAAC;AACZ,CAAC;AAhBD,0CAgBC;AAED,SAAgB,eAAe,CAAC,IAAS,EAAE,IAAS,EAAE,WAAoB,KAAK;IAC9E,IAAI,OAAM,CAAC,IAAI,CAAC,KAAK,UAAU,EAAE;QAChC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;KAClD;IAED,eAAe;IACf,IAAI,OAAM,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,SAAS,EAAE;QACrE,MAAM,UAAU,GAAG,IAAI,KAAK,IAAI,CAAC;QACjC,IAAI,UAAU,EAAE;YACf,OAAO,UAAU,CAAC;SAClB;QAED,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE;YACvC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;SAC7C;QAED,OAAO,KAAK,CAAC;KACb;IAED,sCAAsC;IACtC,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE;QACrB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE;YAC5B,SAAS;SACT;QAED,wCAAwC;QACxC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE;YAC5B,OAAO,KAAK,CAAC;SACb;QAED,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE;YACvC,OAAO,KAAK,CAAC;SACb;KACD;IAED,IAAI,CAAC,QAAQ,EAAE;QACd,0CAA0C;QAC1C,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE;YACrB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE;gBAC5B,SAAS;aACT;YAED,wCAAwC;YACxC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE;gBAC5B,OAAO,KAAK,CAAC;aACb;SACD;KACD;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAlDD,0CAkDC;AAED,SAAS,SAAS,CAAC,YAAoB;IACtC,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC,CAAC,gCAAgC;IAC1F,YAA
Y,GAAG,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAW,sBAAsB;IAChF,OAAO,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,SAAS,CAAC,KAAa;IAC/B,2CAA2C;IAC3C,MAAM,SAAS,GAAG,0QAA0Q,CAAC;IAC7R,OAAO,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC"} \ No newline at end of file
index.ts+44 −12 modified@@ -75,8 +75,10 @@ export function applyCommandArgs(configuration: any, argv: string[]) { debug("Appling command arguments:", parsedArgv); - if (parsedArgv.config) { - const configFile = path.resolve(process.cwd(), parsedArgv.config); + const CONFIG_PROP = 'config'; + + if (parsedArgv[CONFIG_PROP]) { + const configFile = path.resolve(process.cwd(), parsedArgv[CONFIG_PROP]); applyConfigFile(configuration, configFile); } @@ -85,6 +87,16 @@ export function applyCommandArgs(configuration: any, argv: string[]) { continue; } + if (key.startsWith('_')) { + continue; + } + if (key.endsWith('_')) { + continue; + } + if (key === CONFIG_PROP) { + continue; + } + const configKey = key .replace(/_/g, "."); 
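Review bot: The three new guards in the `for (const key in parsedArgv)` loop drop a key with a bare `continue`, so an operator whose argument was ignored (any key starting or ending with `_`) gets no signal even with debug output enabled. A line such as `debug("Ignoring command argument:", key);` before each `continue`, or one combined condition with a single log call, would make the filter observable. The filter runs on the raw key before `replace(/_/g, ".")`; per-segment validation is presumably left to setDeepProperty, whose call lies outside this hunk.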
@@ -95,24 +107,44 @@ export function applyCommandArgs(configuration: any, argv: string[]) { } -export function setDeepProperty(obj: any, propertyPath: string, value: any): void { - const a = splitPath(propertyPath); - const n = a.length; +export function setDeepProperty(obj: {[key: string]: any}, propertyPath: string, value: any): void { + if (!obj) { + throw new Error("Invalid object"); + } + if (!propertyPath) { + throw new Error("Invalid property path"); + } - for (let i = 0; i < n - 1; i++) { - const k = a[i]; + const pathParts = splitPath(propertyPath); + const pathPartsLen = pathParts.length; + + for (let i = 0; i < pathPartsLen - 1; i++) { + const pathPart = pathParts[i]; - if (!(k in obj)) { - obj[k] = {}; + if (!(pathPart in obj)) { + setProp(obj, pathPart, {}); } - obj = obj[k]; + obj = getProp(obj, pathPart); } - - obj[a[n - 1]] = value; + setProp(obj, pathParts[pathPartsLen - 1], value); return; } +function setProp(obj: {[key: string]: any}, property: string, value: any): void { + if (!obj.hasOwnProperty(property)) { + throw new Error(`Property '${property}' is not valid`); + } + obj[property] = value; +} + +function getProp(obj: {[key: string]: any}, property: string): any { + if (!obj.hasOwnProperty(property)) { + throw new Error(`Property '${property}' is not valid`); + } + return obj[property]; +} + export function getDeepProperty(obj: any, propertyPath: string): any { let ret: any = obj;
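Review bot: `setProp` and `getProp` call `obj.hasOwnProperty(property)` on the object being written, so the guard depends on the target itself: an object created with `Object.create(null)` makes the call throw a TypeError, and a configuration value carrying its own `hasOwnProperty` key shadows the method. Both helpers should use `Object.prototype.hasOwnProperty.call(obj, property)`. Separately, `setProp(obj, pathPart, {})` inside the loop runs only when `pathPart` is not in `obj`, so it can never pass its own-property test and always throws. An explicit `throw new Error(...)` there, plus a doc comment on setDeepProperty saying that it only overwrites existing own properties and never creates intermediate objects, would state the new contract directly.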
sample/index.js+4 −0 modified@@ -1,4 +1,5 @@ "use strict"; +// See README.md for details Object.defineProperty(exports, "__esModule", { value: true }); const confinit = require("../index"); const path = require("path"); @@ -36,11 +37,14 @@ class Configuration { if (!env) { env = process.env; } + // Enable config file if (env.config) { const configFile = path.resolve(process.cwd(), env.config); confinit.applyConfigFile(this, configFile); } + // Enable environment variables confinit.applyEnvVariables(this, process.env, "cfg_"); + // Enable command arguments confinit.applyCommandArgs(this, process.argv); confinit.validate(this); }
sample/index.js.map+1 −1 modified@@ -1 +1 @@ -{"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":";;AAAA,qCAAqC;AACrC,6BAA6B;AAE7B,MAAa,cAAc;IAA3B;QACC,QAAG,GAAW,EAAE,CAAC;IAOlB,CAAC;IALA,QAAQ;QACP,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;SAC1C;IACF,CAAC;CACD;AARD,wCAQC;AAED,MAAa,eAAe;IAG3B;QAFA,SAAI,GAAG,IAAI,CAAC;QAGX,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QACjC,IAAI,OAAO,EAAE;YACZ,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;SAClC;IACF,CAAC;IAED,QAAQ;QACP,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;SAChC;QACD,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;IAChD,CAAC;CACD;AAhBD,0CAgBC;AAED,MAAa,aAAa;IAIzB,YAAY,GAAuB;QAH1B,aAAQ,GAAG,IAAI,cAAc,EAAE,CAAC;QAChC,cAAS,GAAG,IAAI,eAAe,EAAE,CAAC;QAG1C,IAAI,CAAC,GAAG,EAAE;YACT,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;SAClB;QACD,IAAI,GAAG,CAAC,MAAM,EAAE;YACf,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;YAC3D,QAAQ,CAAC,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;SAC3C;QACD,QAAQ,CAAC,iBAAiB,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACtD,QAAQ,CAAC,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;QAE9C,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC;CACD;AAjBD,sCAiBC;AAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;AACpC,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;AAEnC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAC/B,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;AACzB,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAC/B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;AAC7B,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAC/B,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;AAC1B,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAC/B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC"} \ No newline at end of file 
+{"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":";AAAA,4BAA4B;;AAE5B,qCAAqC;AACrC,6BAA6B;AAE7B,MAAa,cAAc;IAA3B;QACC,QAAG,GAAW,EAAE,CAAC;IAOlB,CAAC;IALA,QAAQ;QACP,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;SAC1C;IACF,CAAC;CACD;AARD,wCAQC;AAED,MAAa,eAAe;IAG3B;QAFA,SAAI,GAAG,IAAI,CAAC;QAGX,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QACjC,IAAI,OAAO,EAAE;YACZ,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;SAClC;IACF,CAAC;IAED,QAAQ;QACP,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;SAChC;QACD,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;IAChD,CAAC;CACD;AAhBD,0CAgBC;AAED,MAAa,aAAa;IAIzB,YAAY,GAAuB;QAH1B,aAAQ,GAAG,IAAI,cAAc,EAAE,CAAC;QAChC,cAAS,GAAG,IAAI,eAAe,EAAE,CAAC;QAG1C,IAAI,CAAC,GAAG,EAAE;YACT,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;SAClB;QAED,qBAAqB;QACrB,IAAI,GAAG,CAAC,MAAM,EAAE;YACf,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;YAC3D,QAAQ,CAAC,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;SAC3C;QACD,+BAA+B;QAC/B,QAAQ,CAAC,iBAAiB,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACtD,2BAA2B;QAC3B,QAAQ,CAAC,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;QAE9C,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC;CACD;AArBD,sCAqBC;AAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;AACpC,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;AAEnC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAC/B,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;AACzB,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAC/B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;AAC7B,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAC/B,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;AAC1B,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAC/B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC"} \ No newline at end of file
sample/index.ts+6 −0 modified@@ -1,3 +1,5 @@ +// See README.md for details + import * as confinit from "../index"; import * as path from "path"; @@ -37,11 +39,15 @@ export class Configuration { if (!env) { env = process.env; } + + // Enable config file if (env.config) { const configFile = path.resolve(process.cwd(), env.config); confinit.applyConfigFile(this, configFile); } + // Enable environment variables confinit.applyEnvVariables(this, process.env, "cfg_"); + // Enable command arguments confinit.applyCommandArgs(this, process.argv); confinit.validate(this);
test/setDeepProperty.test.js+27 −3 modified@@ -1,13 +1,13 @@ "use strict"; Object.defineProperty(exports, "__esModule", { value: true }); const assert = require("assert"); -const __1 = require(".."); +const index_1 = require("../index"); describe('setDeepProperty', () => { it('should set a property with deep 1', () => { const obj = { test: "A" }; - __1.setDeepProperty(obj, "test", "B"); + index_1.setDeepProperty(obj, "test", "B"); assert.equal(obj.test, "B"); }); it('should set a property with deep 2', () => { @@ -16,8 +16,32 @@ describe('setDeepProperty', () => { test: "A" } }; - __1.setDeepProperty(obj, "parent.test", "B"); + index_1.setDeepProperty(obj, "parent.test", "B"); assert.equal(obj.parent.test, "B"); }); + it('should not allow to set a not existing property', () => { + const obj = { + test: "A" + }; + assert.throws(() => index_1.setDeepProperty(obj, "not_existing", "B")); + }); + it('should not allow to set a property on null/undefined obj', () => { + assert.throws(() => index_1.setDeepProperty(null, "not_existing", "B")); + assert.throws(() => index_1.setDeepProperty(undefined, "not_existing", "B")); + }); + it('should not allow to set a null/undefined property', () => { + const obj = { + test: "A" + }; + assert.throws(() => index_1.setDeepProperty(obj, null, "B")); + assert.throws(() => index_1.setDeepProperty(obj, undefined, "B")); + assert.throws(() => index_1.setDeepProperty(obj, "", "B")); + }); + it('should not allow to set __proto__ property', () => { + const obj = { + test: "A" + }; + assert.throws(() => index_1.setDeepProperty(obj, "__proto__.xyz", "B")); + }); }); //# sourceMappingURL=setDeepProperty.test.js.map \ No newline at end of file
test/setDeepProperty.test.js.map+1 −1 modified@@ -1 +1 @@ -{"version":3,"file":"setDeepProperty.test.js","sourceRoot":"","sources":["setDeepProperty.test.ts"],"names":[],"mappings":";;AAAA,iCAAiC;AACjC,0BAAqC;AAErC,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;IAE/B,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,GAAG,GAAG;YACV,IAAI,EAAE,GAAG;SACV,CAAA;QACD,mBAAe,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,GAAG,GAAG;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,GAAG;aACV;SACF,CAAA;QACD,mBAAe,CAAC,GAAG,EAAE,aAAa,EAAE,GAAG,CAAC,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;AAEL,CAAC,CAAC,CAAC"} \ No newline at end of file +{"version":3,"file":"setDeepProperty.test.js","sourceRoot":"","sources":["setDeepProperty.test.ts"],"names":[],"mappings":";;AAAA,iCAAiC;AACjC,oCAA2C;AAE3C,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;IAE/B,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,GAAG,GAAG;YACV,IAAI,EAAE,GAAG;SACV,CAAA;QACD,uBAAe,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,GAAG,GAAG;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,GAAG;aACV;SACF,CAAA;QACD,uBAAe,CAAC,GAAG,EAAE,aAAa,EAAE,GAAG,CAAC,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,GAAG,GAAG;YACV,IAAI,EAAE,GAAG;SACV,CAAA;QACD,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,uBAAe,CAAC,GAAG,EAAE,cAAc,EAAE,GAAG,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;QAClE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,uBAAe,CAAC,IAAW,EAAE,cAAc,EAAE,GAAG,CAAC,CAAC,CAAC;QACvE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,uBAAe,CAAC,SAAgB,EAAE,cAAc,EAAE,GAAG,CAAC,CAAC,CAAC;IAC9E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,GAAG,GAAG;YACV,IAAI,EAAE,GAAG;SACV,CAAA;QACD,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,
CAAC,uBAAe,CAAC,GAAG,EAAE,IAAW,EAAE,GAAG,CAAC,CAAC,CAAC;QAC5D,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,uBAAe,CAAC,GAAG,EAAE,SAAgB,EAAE,GAAG,CAAC,CAAC,CAAC;QACjE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,uBAAe,CAAC,GAAG,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,MAAM,GAAG,GAAG;YACV,IAAI,EAAE,GAAG;SACV,CAAA;QACD,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,uBAAe,CAAC,GAAG,EAAE,eAAe,EAAE,GAAG,CAAC,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;AAEL,CAAC,CAAC,CAAC"} \ No newline at end of file
test/setDeepProperty.test.ts+29 −1 modified@@ -1,5 +1,5 @@ import * as assert from 'assert'; -import { setDeepProperty } from '..'; +import { setDeepProperty } from '../index'; describe('setDeepProperty', () => { @@ -21,4 +21,32 @@ describe('setDeepProperty', () => { assert.equal(obj.parent.test, "B"); }); + it('should not allow to set a not existing property', () => { + const obj = { + test: "A" + } + assert.throws(() => setDeepProperty(obj, "not_existing", "B")); + }); + + it('should not allow to set a property on null/undefined obj', () => { + assert.throws(() => setDeepProperty(null as any, "not_existing", "B")); + assert.throws(() => setDeepProperty(undefined as any, "not_existing", "B")); + }); + + it('should not allow to set a null/undefined property', () => { + const obj = { + test: "A" + } + assert.throws(() => setDeepProperty(obj, null as any, "B")); + assert.throws(() => setDeepProperty(obj, undefined as any, "B")); + assert.throws(() => setDeepProperty(obj, "", "B")); + }); + + it('should not allow to set __proto__ property', () => { + const obj = { + test: "A" + } + assert.throws(() => setDeepProperty(obj, "__proto__.xyz", "B")); + }); + }); \ No newline at end of file
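Review bot: The `__proto__` test asserts only that the call throws, not that nothing was written before the throw; adding `assert.strictEqual(({} as any).xyz, undefined);` after the `assert.throws` would pin the property the fix is meant to guarantee. The suite also covers a single path shape, so a case for `constructor.prototype.xyz` and one where `__proto__` is a middle segment under a nested object would document that the own-property check in index.ts holds for those paths too. The `describe` block starts outside the hunk.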
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-jgpq-g82g-6c39ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-7638ghsaADVISORY
- github.com/davideicardi/confinit/commit/a34e06ca5c1c8b047ef112ef188b2fe30d2a1eabghsax_refsource_MISCWEB
- snyk.io/vuln/SNYK-JS-CONFINIT-564433ghsax_refsource_MISCWEB