Lucene search
GitHub Advisory DatabaseGHSA-8VR4-H4RR-8PH6HistoryMay 20, 2024 - 6:31 p.m.
MiguelCastillo @bit/loader Prototype Pollution issue
2024-05-2018:31:23
CWE-1321
GitHub Advisory Database
github.com
5
miguelcastillo loader prototype pollution arbitrarycodeexecution index.js software
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8
Confidence
Low
A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 allows an attacker to execute arbitrary code via the M function e argument in index.js.
Affected configurations
Node
bitloaderRange≤10.0.3
Related
nvd
nvd
CVE-2024-24293
2024-05-20 18:15:10
osv
osv
MiguelCastillo @bit/loader Prototype Pollution issue
2024-05-20 18:31:23
veracode
veracode
Prototype Pollution
2024-05-22 08:13:38
vulnrichment
vulnrichment
CVE-2024-24293
1976-01-01 00:00:00
cvelist
cvelist
CVE-2024-24293
1976-01-01 00:00:00
cve
cve
CVE-2024-24293
2024-05-20 18:15:10
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8
Confidence
Low
Related for GHSA-8VR4-H4RR-8PH6