How severe is CVE-2024-38984?

CVE-2024-38984 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2024-38984

Name: json-override
Author: lukebond

9.8CRITICAL

Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the proto property.

Published: 7/30/2024Updated: 11/21/2024

Description

Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property.

AI AnalysisPowered by AI

Affected Products

lukebondjson-override

0.2.0

References

https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1
Exploit
https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1
Exploit