CVE-2024-21529 | dset up to 3.1.3 prototype pollution (SNYK-JS-DSET-7116691)

Posted by Angelo Barbosa | Sep 11, 2024 | CVE

A vulnerability, which was classified as critical, was found in dset up to 3.1.3. Affected is the function dset. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is traded as CVE-2024-21529. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21529 | dset up to 3.1.3 prototype pollution (SNYK-JS-DSET-7116691)

Related Posts

CVE-2024-10503 | Klokan MapTiler tileserver-gl 2.3.1 URL key cross site scripting

CVE-2024-1004 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi loginAuth http_host stack-based overflow

CVE-2024-0926 | Tenda AC10U 15.03.06.49_multi_TDE01 formWifiWpsOOB index stack-based overflow

CVE-2024-0521 | Paddle code injection