ais-ltd strategyen v0.4.0 was discovered to contain a prototype pollution via the function mergeObjects. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
Metrics
Affected Vendors & Products
References
History
Thu, 08 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ais
Ais strategyen |
|
Weaknesses | CWE-1321 | |
CPEs | cpe:2.3:a:ais:strategyen:0.4.0:*:*:*:*:*:*:* | |
Vendors & Products |
Ais
Ais strategyen |
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-07-30T00:00:00
Updated: 2024-08-23T15:32:32.673Z
Reserved: 2024-06-21T00:00:00
Link: CVE-2024-39012
Vulnrichment
Updated: 2024-08-02T04:19:20.598Z
NVD
Status : Analyzed
Published: 2024-07-30T20:15:04.307
Modified: 2024-08-08T14:03:03.583
Link: CVE-2024-39012
Redhat
No data.