CVE-2024-57078 | cli-util 1.1.27 lib.merge prototype pollution

Inserito da Angelo Barbosa | Feb 6, 2025 | CVE

A vulnerability was found in cli-util 1.1.27. It has been classified as problematic. Affected is the function lib.merge. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is traded as CVE-2024-57078. The attack can only be initiated within the local network. There is no exploit available.

CVE-2024-57078 | cli-util 1.1.27 lib.merge prototype pollution

Post correlati

CVE-2024-9231 | WP-Members Membership Plugin up to 3.4.9.5 on WordPress cross site scripting

CVE-2024-36819 | MAP-OS up to 4.45.0 Client Name cross site scripting

CVE-2025-24001 | PPO Việt Nam PPO Call to Actions Plugin up to 0.1.3 on WordPress cross-site request forgery

CVE-2024-0560 | upstream insufficient permissions or privileges