CVE-2024-21528 | node-gettext gettext.js addTranslations prototype pollution (SNYK-JS-NODEGETTEXT-6100943)

Posted by Angelo Barbosa | Sep 10, 2024 | CVE

A vulnerability, which was classified as critical, has been found in node-gettext. This issue affects the function addTranslations of the file gettext.js. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

The identification of this vulnerability is CVE-2024-21528. The attack may be initiated remotely. There is no exploit available.

CVE-2024-21528 | node-gettext gettext.js addTranslations prototype pollution (SNYK-JS-NODEGETTEXT-6100943)

Related Posts

CVE-2024-33517 | Aruba ArubaOS up to 8.10.0.10/8.11.2.1/10.4.1.0/10.5.1.0 Radio Frequency Manager Service denial of service (ARUBA-PSA-2024-004)

CVE-2024-35349 | Diño Physics School Assistant 2.3 view_category.php id sql injection

CVE-2024-37145 | FlowiseAI Flowise up to 1.4.3 404 Page id cross site scripting (GHSL-2023-232)

CVE-2024-41631 | host-host NEUQ_board 1.0 password.h denial of service