Lucene search
MitreVULNRICHMENT:CVE-2024-36572HistoryJul 30, 2024 - 12:00 a.m.
CVE-2024-36572
2024-07-3000:00:00
mitre
github.com
3
prototype pollution
allpro form-manager
cve-2024-36572
arbitrary code
mergebranch
object.setobjectvalue
AI Score
7.6
Confidence
Low
EPSS
0.001
Percentile
50.1%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total
Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:allpro:form-manager:0.7.4:*:*:*:*:*:*:*"
],
"vendor": "allpro",
"product": "form-manager",
"versions": [
{
"status": "affected",
"version": "0.7.4"
}
],
"defaultStatus": "unknown"
}
]Related
cve
cve
CVE-2024-36572
2024-07-30 20:15:03
cvelist
cvelist
CVE-2024-36572
2024-07-30 00:00:00
veracode
veracode
Prototype Pollution
2024-08-01 08:59:26
nvd
nvd
CVE-2024-36572
2024-07-30 20:15:03
AI Score
7.6
Confidence
Low
EPSS
0.001
Percentile
50.1%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-36572