PT-2026-7279 · Unknown · Casl Ability

Alma Security

+3

·

Publicado

2026-02-10

·

Atualizado

2026-02-12

·

CVE-2026-1774

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions CASL Ability versions 2.4.0 through 6.7.4
Description CASL Ability contains a prototype pollution vulnerability. This issue affects versions 2.4.0 through 6.7.4. Prototype pollution occurs when an attacker manipulates the properties of JavaScript objects, potentially leading to denial of service or unauthorized access.
Recommendations Update CASL Ability to a version later than 6.7.4.

Correção

Prototype Pollution

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-1321

Identificadores relacionados

CVE-2026-1774
GHSA-X9VF-53Q3-CVX6

Produtos afetados

Casl Ability