exploitDog

CVE-2024-38990

Опубликовано: 01 июл. 2024

Источник: nvd

CVSS3: 6.3

EPSS Низкий

Описание

Tada5hi sp-common v0.5.4 was discovered to contain a prototype pollution via the function mergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Ссылки

EPSS

Процентиль: 39%

0.00174

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-p5p8-v4qg-3g7c

CVSS3: 6.3

github

больше 1 года назад

Tada5hi sp-common v0.5.4 was discovered to contain a prototype pollution via the function mergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

EPSS

Процентиль: 39%

0.00174

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-94