2 matches found
CVE-2024-39012
ais-ltd strategyen v0.4.0 was discovered to contain a prototype pollution via the function mergeObjects. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39012
The CVE-2024-39012 entry affects ais-ltd strategyen v0.4.0, where the mergeObjects function enables prototype pollution. The cited sources describe attackers exploiting this to achieve arbitrary code execution, Denial of Service, or related object-behavior manipulation (per Veracode and NVD). Pra...