CVE-2024-32866 | edmundhung conform up to 1.1.0 parseWith prototype pollution (GHSA-624g-8qjg-8qxf)

Posted by Angelo Barbosa | Apr 24, 2024 | CVE

A vulnerability, which was classified as critical, has been found in edmundhung conform up to 1.1.0. Affected by this issue is the function parseWith. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is handled as CVE-2024-32866. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-32866 | edmundhung conform up to 1.1.0 parseWith prototype pollution (GHSA-624g-8qjg-8qxf)

Related Posts

CVE-2024-52026 | Netgear XR300/R6400/R7000P HTTP POST Request bsw_pppoe.cgi pppoe_localip stack-based overflow

CVE-2024-8694 | JFinalCMS up to 20240903 com.cms.controller.admin.TemplateController /admin/template/update fileName path traversal (IAOKSQ)

CVE-2024-3759 | OpenHarmony up to 4.0.0 TCB use after free

CVE-2024-7612 | Ivanti Endpoint Manager Mobile up to 12.0.0.4/12.1.0.3 Configuration File permission assignment