CVE-2024-36578 | akbr update 1.0.0 update/index.js prototype pollution

Inserito da Angelo Barbosa | Giu 17, 2024 | CVE

A vulnerability was found in akbr update 1.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file update/index.js. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is known as CVE-2024-36578. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-36578 | akbr update 1.0.0 update/index.js prototype pollution

Post correlati

CVE-2024-43639 | Microsoft Windows Server 2012 up to Server 2022 23H2 Kerberos numeric truncation error

CVE-2024-8490 | PropertyHive Plugin up to 2.0.19 on WordPress save_account_details cross-site request forgery

CVE-2023-50236 | Siemens Polarion ALM default permission (ssa-871717)

CVE-2024-8148 | Esri Portal for ArcGIS up to 10.8.1/10.9.1/11.1/11.2 redirect