Home

Description

harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

PUBLISHED Reserved 2024-06-21 | Published 2024-07-01 | Updated 2024-08-02 | Assigner mitre

References

gist.github.com/mestrtee/be75c60307b2292884cc03cebd361f3f

cve.org (CVE-2024-39018)

nvd.nist.gov (CVE-2024-39018)

Download JSON