Lucene search
MitreCVE-2024-24293HistoryMay 20, 2024 - 6:15 p.m.
CVE-2024-24293
2024-05-2018:15:10
CWE-1321
mitre
web.nvd.nist.gov
358
cve-2024-24293
prototype pollution
miguelcastillo @bit/loader
index.js
arbitrary code execution
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.7
Confidence
High
A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 allows an attacker to execute arbitrary code via the M function e argument in index.js.
Related
nvd
nvd
CVE-2024-24293
2024-05-20 18:15:10
osv
osv
MiguelCastillo @bit/loader Prototype Pollution issue
2024-05-20 18:31:23
github
github
MiguelCastillo @bit/loader Prototype Pollution issue
2024-05-20 18:31:23
veracode
veracode
Prototype Pollution
2024-05-22 08:13:38
vulnrichment
vulnrichment
CVE-2024-24293
1976-01-01 00:00:00
cvelist
cvelist
CVE-2024-24293
1976-01-01 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.7
Confidence
High
Related for CVE-2024-24293