CVE-2024-38983

Name of the Vulnerable Software and Affected Versions mini-deep-assign version 0.0.8

Description The issue allows an attacker to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the assign() method. This method is located at /lib/index.js:91.

Recommendations For mini-deep-assign version 0.0.8, consider disabling the assign() method as a temporary workaround until a patch is available. Restrict access to the /lib/index.js file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.