CVE-2024-57074 | xe-utils 3.5.31 lib.merge prototype pollution

Inserito da Angelo Barbosa | Feb 6, 2025 | CVE

A vulnerability was found in xe-utils 3.5.31. It has been rated as problematic. Affected by this issue is the function lib.merge. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is handled as CVE-2024-57074. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-57074 | xe-utils 3.5.31 lib.merge prototype pollution

Post correlati

CVE-2024-35239 | Umbraco Umbraco.Forms.Issues prior 13.0.1/12.2.2/10.5.3/8.13.13 Forms cross site scripting

CVE-2024-9165 | Gift Cards Plugin up to 4.4.4 on WordPress SVG File Upload cross site scripting

CVE-2025-22143 | LabRedesCefetRJ WeGIA up to 3.2.7 listar_permissoes.php msg_e cross site scripting (GHSA-gxh2-8jxp-m59h)

CVE-2023-41337 | h2o up to 2.3.0-beta2 X.509 Certificate signature verification (GHSA-5v5r-rghf-rm6q)