Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.27 views

Security Bulletin: IBM Security QRadar Log Management AQL Plugin is vulnerable to CVE-2024-39008

Summary IBM Security QRadar Log Management AQL Plugin is vulnerable to CVE-2024-39008. This vulnerability has been addressed in the update. Vulnerability Details CVEID:CVE-2024-39008 DESCRIPTION: robinweser fast-loops could allow a remote attacker to execute arbitrary code on the system, caused b...

10CVSS7.8AI score0.00918EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2024/07/01 9:20 p.m.48 views

CVE-2024-39008

A flaw was found in the fast-loops Node.js package. This flaw allows an attacker to alter the behavior of all objects inheriting from the affected prototype by passing arguments to the objectMergeDeep function crafted with the built-in property: proto. This issue can potentially lead to a denial ...

6.5CVSS9.4AI score0.00918EPSS
Exploits0References4
NVD
NVD
added 2024/07/01 1:15 p.m.27 views

CVE-2024-39008

robinweser fast-loops v1.1.3 was discovered to contain a prototype pollution via the function objectMergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

10CVSS0.00918EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/01 12:0 a.m.30 views

CVE-2024-39008

robinweser fast-loops v1.1.3 was discovered to contain a prototype pollution via the function objectMergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

0.00918EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/01 12:0 a.m.14 views

CVE-2024-39008

robinweser fast-loops v1.1.3 was discovered to contain a prototype pollution via the function objectMergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

7.8AI score0.00918EPSS
Exploits0References1
CVE
CVE
added 2024/07/01 12:0 a.m.91 views

CVE-2024-39008

The CVE-2024-39008 issue is a prototype pollution in robinweser fast-loops, specifically in the objectMergeDeep function. This allows a remote attacker to execute arbitrary code or cause a Denial of Service by injecting properties. The vulnerability affects robinweser fast-loops v1.1.3 and is ack...

10CVSS8.3AI score0.00918EPSS
Exploits0References1
Rows per page
Query Builder