CVE-2024-34273 | njwt up to 0.4.0 Parser.prototype.parse prototype pollution

Inserito da Angelo Barbosa | Mag 16, 2024 | CVE

A vulnerability classified as problematic has been found in njwt up to 0.4.0. This affects the function Parser.prototype.parse. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is uniquely identified as CVE-2024-34273. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-34273 | njwt up to 0.4.0 Parser.prototype.parse prototype pollution

Post correlati

CVE-2024-37053 | MLflow 1.1.0 deserialization

CVE-2024-33497 | Siemens SIMATIC RTLS Locating Manager up to 3.0.1.0 insufficiently protected credentials (ssa-093430)

CVE-2023-48812 | Totolink X6000R 9.4.0cu.852_B20230719 shttpd sub_4119A0 Privilege Escalation

CVE-2023-48638 | Adobe Substance 3D Designer up to 13.0.0 out-of-bounds (apsb23-76)