Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-88VR-HJQX-57QH
HistoryJul 01, 2024 - 3:32 p.m.

adolph_dudu ratio-swiper was discovered to contain a prototype pollution via the function extendDefaults

2024-07-0115:32:17
CWE-1321
GitHub Advisory Database
github.com
2
adolph_dudu
ratio-swiper
v0.0.2
prototype pollution
vulnerability
arbitrary code
denial of service
software

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

8.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Affected configurations

Vulners
Node
adolph_duduratio-swiperMatch0.0.2
CPENameOperatorVersion
@adolph_dudu/ratio-swipereq0.0.2

Related

vulnrichment 1
osv 1
cvelist 1
gitlab 1
cve 1
nvd 1
vulnrichment
vulnrichment
CVE-2024-38997
2024-07-01 00:00:00
osv
osv
adolph_dudu ratio-swiper was discovered to contain a prototype pollution via the function extendDefaults
2024-07-01 15:32:17
cvelist
cvelist
CVE-2024-38997
2024-07-01 00:00:00
gitlab
gitlab
adolph_dudu ratio-swiper was discovered to contain a prototype pollution via the function extendDefaults
2024-07-01 00:00:00
cve
cve
CVE-2024-38997
2024-07-01 13:15:05
nvd
nvd
CVE-2024-38997
2024-07-01 13:15:05

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

8.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON
Related for GHSA-88VR-HJQX-57QH
vulnrichment1osv1cvelist1gitlab1cve1nvd1