Lucene search
HistoryJul 01, 2024 - 1:15 p.m.
CVE-2024-39013
prototype pollution
arbitrary code execution
denial of service
cve-2024-39013
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.2%
2o3t-utility v0.1.2 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
Related
cvelist
cvelist
CVE-2024-39013
2024-07-01 00:00:00
vulnrichment
vulnrichment
CVE-2024-39013
2024-07-01 00:00:00
cve
cve
CVE-2024-39013
2024-07-01 13:15:05
veracode
veracode
Prototype Pollution
2024-07-02 07:38:30
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.2%
Related for NVD:CVE-2024-39013