CVE-2024-36577

CVSS v3.1

8.3

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H

Name of the Vulnerable Software and Affected Versions js-object-resolver versions prior to 3.1.1

Description The issue allows for Prototype Pollution via the setNestedProperty function of the Module. This can potentially lead to unintended behavior or security issues.

Recommendations For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue.

Fix

Prototype Pollution

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1321CWE-79

Related Identifiers

CVE-2024-36577

GHSA-QJ86-V6M7-4QV2

Affected Products

Js-Object-Resolver

CVE-2024-36577

Weakness Enumeration

Related Identifiers

Affected Products

References · 5