CVE-2024-39013

Name of the Vulnerable Software and Affected Versions 2o3t-utility version 0.1.2

Description The issue allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties using the extend function, which is affected by prototype pollution.

Recommendations For version 0.1.2, consider disabling the extend function as a temporary workaround until a patch is available. Restrict the use of this function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.