How severe is CVE-2024-38984?

CVE-2024-38984 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2024-38984

Name: json-override
Author: lukebond

9.8CRITICAL

Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the proto property.

Publicado: 7/30/2024Actualizado: 11/21/2024

Descripción

Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property.

Análisis IAImpulsado por IA

Productos Afectados

lukebondjson-override

0.2.0

Referencias

https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1
Exploit
https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1
Exploit