4 matches found
CVE-2024-57072
A prototype pollution in the lib.requireFromString function of module-from-string v3.3.1 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
@alvori/app (>=1.0.0-beta.11 <=1.0.0-beta.12), @chumager/itdfw (>=5.5.0 <=5.5.3) +113 more potentially affected by CVE-2024-57072 via module-from-string (>=2.3.0 <=3.3.1)
module-from-string NPM version =2.3.0, =1.0.0-beta.11, =5.5.0, =0.0.1, =0.0.2, =0.0.1, =0.0.1, =0.0.2, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.1.9 and more Source cves: CVE-2024-57072 Source advisory: OSV:GHSA-Q5J8-9M9G-X2JH...
CVE-2024-57072
creationtimestamp| type| source ---|---|--- 2025-02-05 21:32:43+00:00| seen| https://infosec.exchange/users/cve/statuses/113953417674192292 2025-02-05 22:16:44+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhhlxhnmxl2n...
CVE-2024-57072
A prototype pollution in the lib.requireFromString function of module-from-string v3.3.1 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...