Prototype Pollution in immerjs/immer
Description
immer versions prior to the fix are vulnerable to Prototype Pollution via specially crafted patches, allowing arbitrary property injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
immer [3] is a JavaScript library for creating immutable state trees. Versions prior to the fix (commit fa671e55ee9bd42ae08cc239102b665a23958237) are vulnerable to Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) [1]. The vulnerability exists in the applyPatches function, which does not sufficiently validate property paths against reserved attributes such as __proto__, prototype, and constructor [2].
Exploitation
An attacker can exploit this vulnerability by providing a crafted patch object whose path array contains a reserved key wrapped in an array, such as ["__proto__"], instead of the plain string that the existing check compares against. For example, {op: "add", path: [["__proto__"], "polluted"], value: "yes"} [2]. No network access is needed if the attacker can supply patches to an application that processes user-controlled patch data, and no authentication is required if the application passes untrusted input to applyPatches. Exploitation consists of calling applyPatches with the malicious payload [2].
Impact
Successful exploitation allows an attacker to pollute the Object prototype, injecting arbitrary properties into all objects in the application. This can lead to property injection, denial of service, or potentially remote code execution depending on how the polluted property is used by the application. The attacker modifies the prototype chain without explicit permission [1][2].
Mitigation
The fix was implemented in commit fa671e55ee9bd42ae08cc239102b665a23958237 [2]. The patched version validates the path and throws an error if it tries to modify reserved attributes like __proto__, prototype, or constructor [2]. Users should update to a version containing this fix. No workaround is available other than upgrading. There is no evidence that the CVE is listed in KEV.
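The bypass and its fix side by side, as an added JavaScript example that is not immer's own code: a cut-down path walker in the style of applyPatches, run against the advisory's payload once with the pre-fix raw-segment comparison and once with the commit's `"" + path[i]` coercion. `applyAddPatch`, `demonstrate` and the constructed `PAYLOAD` are names assumed for this example, not immer APIs.

```javascript
// Added example, not immer's code: a minimal "add" patch applier that walks
// a path the way applyPatches does. coerce:false mirrors the pre-fix check
// (compare the raw segment), coerce:true mirrors the fix commit's
// `const p = "" + path[i]` (stringify the segment before comparing).
const RESERVED = new Set(["__proto__", "prototype", "constructor"]);

function applyAddPatch(root, patch, { coerce }) {
  let base = root;
  for (let i = 0; i < patch.path.length; i++) {
    const p = coerce ? "" + patch.path[i] : patch.path[i];
    // ["__proto__"] is an Array, so Set.has() misses it unless coerced,
    // yet base[["__proto__"]] below resolves to base["__proto__"].
    if (RESERVED.has(p)) {
      throw new Error(
        "Patching reserved attributes like __proto__, prototype and constructor is not allowed"
      );
    }
    if (i < patch.path.length - 1) base = base[p];
    else base[p] = patch.value;
  }
  return root;
}

// Constructed payload in the shape the advisory describes.
const PAYLOAD = { op: "add", path: [["__proto__"], "polluted"], value: "yes" };

// Runs both variants against a fresh object and reports what happened,
// restoring Object.prototype afterwards so the pollution does not leak.
function demonstrate() {
  const result = { vulnerablePolluted: false, fixedThrows: false, ordinaryValue: undefined };
  try {
    applyAddPatch({}, PAYLOAD, { coerce: false });
    // A brand-new object now sees the injected property via the prototype chain.
    result.vulnerablePolluted = ({}).polluted === "yes";
  } finally {
    delete Object.prototype.polluted;
  }
  try {
    applyAddPatch({}, PAYLOAD, { coerce: true });
  } catch (e) {
    result.fixedThrows = /reserved attributes/.test(e.message);
  }
  // The hardened variant still accepts an ordinary patch.
  const ok = applyAddPatch({ a: {} }, { op: "add", path: ["a", "b"], value: 1 }, { coerce: true });
  result.ordinaryValue = ok.a.b;
  return result;
}
```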
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| immer (npm) | >= 7.0.0, < 9.0.6 | 9.0.6 |
Affected products
Patches
fa671e55ee9b fix(security): Follow up on CVE-2020-28477 where `path: [["__proto__"], "x"]` could still pollute the prototype
2 files changed · +19 −1
src/plugins/patches.ts+1 −1 modified@@ -207,7 +207,7 @@ export function enablePatches() { let base: any = draft for (let i = 0; i < path.length - 1; i++) { const parentType = getArchtype(base) - const p = path[i] + const p = "" + path[i] // See #738, avoid prototype pollution if ( (parentType === Archtype.Object || parentType === Archtype.Array) &&
__tests__/patch.js+18 −0 modified@@ -1258,6 +1258,24 @@ test("maps can store __proto__, prototype and constructor props", () => { expect(obj.polluted).toBe(undefined) }) +test("CVE-2020-28477 (https://snyk.io/vuln/SNYK-JS-IMMER-1019369) follow up", () => { + const obj = {} + + // @ts-ignore + expect(obj.polluted).toBe(undefined) + expect(() => { + applyPatches({}, [ + {op: "add", path: [["__proto__"], "polluted"], value: "yes"} + ]) + }).toThrow( + isProd + ? "24" + : "Patching reserved attributes like __proto__, prototype and constructor is not allowed" + ) + // @ts-ignore + expect(obj.polluted).toBe(undefined) +}) + test("#648 assigning object to itself should not change patches", () => { const input = { obj: {
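Review bot: in the src/plugins/patches.ts hunk, the coercion `const p = "" + path[i]` runs before the `parentType === Archtype.Object || parentType === Archtype.Array` check, so it also applies to Map parents, whose keys need not be strings; a numeric or object Map key would now be looked up by its string form. Consider comparing `"" + path[i]` against the reserved names while keeping the original segment for the lookup, or moving the coercion inside the Object/Array branch. The loop also stops at `path.length - 1`, so the final segment is handled elsewhere; confirm that code applies the same coercion.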
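Review bot: the new test in __tests__/patch.js only exercises `op: "add"` with the array-wrapped segment in a non-final position; since the loop in patches.ts stops at `path.length - 1`, add a companion case with the reserved name as the last path element, and one with `op: "replace"`, so the coercion is verified on both code paths. The expected message is duplicated here as a string literal; if it lives in a shared errors table, referencing that entry would keep the test from drifting when the wording changes.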
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-c36v-fmgq-m8hx (GitHub Security Advisory)
- nvd.nist.gov/vuln/detail/CVE-2021-3757 (NVD)
- github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237 (fix commit)
- huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa (huntr report)