Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nodejs-requirejs (UTSA-2026-021492)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021492 advisory. jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute...

OESA-2026-1600 nodejs-requirejs security update

RequireJS is a JavaScript file and module loader. It is optimized for in-browser use, but it can be used in other JavaScript environments, like Rhino and Node. Using a modular script loader like RequireJS will improve the speed and quality of your code. Security Fixes: jrburke requirejs v2.3.6 wa...

CVE-2024-38999

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

Exploit for CVE-2024-38998

PPCVE-2024-38998 Uma vulnerabilidade CVE-2024-38998 foi ide...

Exploit for CVE-2024-38998

PPCVE-2024-38998 Uma vulnerabilidade CVE-2024-38998 foi ide...

Security update for pgadmin4

This update for pgadmin4 fixes the following issues: CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 CVE-2024-38998: Fixed requirejs: prototype pollution via function config bsc1227248 CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts..configure...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in requirejs

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of requirejs. Vulnerability Details CVEID:CVE-2024-38999 DESCRIPTION: jrburke requirejs could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the function...

SUSE CVE-2024-38999

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

Prototype Pollution

requirejs is vulnerable to Prototype Pollution. The vulnerability is due to the config function which allows attackers to inject arbitrary prototype properties, which potentially allows an attacker to execute arbitrary code or cause a Denial of Service DoS...

Prototype Pollution

requirejs is vulnerable to Prototype Pollution. The vulnerability is due to missing prototype checks in the config, s.contexts..configure, and parse functions, which allows an attackers to modify the built-in Object.prototype by passing arguments containing the special proto key, which results in...

CVE-2024-38998

A flaw was found in RequireJS. This flaw allows an attacker to alter the behavior of all objects inheriting from the affected prototype by passing arguments to the config function crafted with the built-in property: proto. This issue can potentially lead to a denial of service, remote code...

GHSA-X3M3-4WPV-5VGC jrburke requirejs vulnerable to prototype pollution

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

jrburke requirejs vulnerable to prototype pollution

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

org.webjars.bower:angularAMD (=0.2.1), org.webjars.bower:annodom (=1.0.0) +11 more potentially affected by CVE-2024-38999 via org.webjars.bower:requirejs (>=2.1.22 <=2.3.6)

org.webjars.bower:requirejs MAVEN version =2.1.22, =0.0.2, =3.10.0, =2.1.4, =0.1.13, =0.0.2, =0.0.3 - org.webjars.bower:require-lazy =0.3.8 Source cves: CVE-2024-38999 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-7430220...

au.com.intelix:rs-core-js_2.11 (=0.1.3.1), cn.dreampie:jfinal-dreampie (>=0.1 <=1.0.0) +247 more potentially affected by CVE-2024-38999 via org.webjars:requirejs (>=2.1.1 <=2.3.6)

org.webjars:requirejs MAVEN version =2.1.1, =0.1, =0.4.3, =1.0.0-Alpha8, =0.0.1, =0.5.6, =0.5.6, =0.5.6, =1.1.0, =0.3.0, =0.3.0, =0.5.3, =2.55.0, =1.0.5, =1.1.0, =2.76.0 and more Source cves: CVE-2024-38999 Source advisory: SNYK:JAVA-ORGWEBJARS-7430219...

CVE-2024-38998

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2024-38999

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

DEBIAN-CVE-2024-38999

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

CVE-2024-38999

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

UBUNTU-CVE-2024-38999

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...