CVE-2024-21529 | dset up to 3.1.3 prototype pollution (SNYK-JS-DSET-7116691)

Inserito da Angelo Barbosa | Set 11, 2024 | CVE

A vulnerability, which was classified as critical, was found in dset up to 3.1.3. Affected is the function dset. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is traded as CVE-2024-21529. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21529 | dset up to 3.1.3 prototype pollution (SNYK-JS-DSET-7116691)

Post correlati

CVE-2024-25100 | WP Swings Coupon Referral Program Plugin up to 1.7.2 on WordPress deserialization

CVE-2024-4593 | DedeCMS 5.7 sys_multiserv.php cross-site request forgery

CVE-2024-39568 | Siemens SINEMA Remote Connect Client up to 3.2 Proxy Configuration command injection (ssa-868282)

CVE-2023-50964 | IBM InfoSphere Information Server 11.7 Web UI cross site scripting (XFDB-276102)