CVE-2024-32866 | edmundhung conform up to 1.1.0 parseWith prototype pollution (GHSA-624g-8qjg-8qxf)

Posted by Angelo Barbosa | Apr 24, 2024 | CVE

A vulnerability, which was classified as critical, has been found in edmundhung conform up to 1.1.0. Affected by this issue is the function parseWith. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is handled as CVE-2024-32866. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-32866 | edmundhung conform up to 1.1.0 parseWith prototype pollution (GHSA-624g-8qjg-8qxf)

Related Posts

CVE-2023-52636 | Linux Kernel up to 6.6.16/6.7.4 libceph read_partial_sparse_msg_data state issue (da9c33a70f09/bd9442e553ab/8e46a2d068c9)

CVE-2024-38723 | Bernhard Kux JSON Content Importer Plugin up to 1.5.6 on WordPress server-side request forgery

CVE-2024-6555 | WP Popups Plugin up to 2.2.0.1 on WordPress information disclosure

CVE-2024-36411 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 EmailUIAjax displayView Controller sql injection