CVE-2024-36575

2024-06-1700:00:00

mitre

github.com

cve-2024-36575

prototype pollution

getsetprop 1.1.0

arbitrary code execution

global accessor

AI Score

7.8

Confidence

Low

EPSS

Percentile

9.0%

SSVC

Exploitation

poc

Automatable

Technical Impact

total

JSON

A Prototype Pollution issue in getsetprop 1.1.0 allows an attacker to execute arbitrary code via global.accessor.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:notabotai:getsetprop:1.1.0:*:*:*:*:*:*:*"
    ],
    "vendor": "notabotai",
    "product": "getsetprop",
    "versions": [
      {
        "status": "affected",
        "version": "1.1.0"
      }
    ],
    "defaultStatus": "unknown"
  }
]