PT-2024-28324 · Unknown · Cahil/Utils

Mestrtee

Published: 2024-07-01 · Updated: 2024-08-21 · CVE-2024-39014

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

cahil/utils version 2.3.2

Description

The issue allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties using the set function. This is a result of prototype pollution in the cahil/utils library.

Recommendations

For version 2.3.2, consider disabling the set function as a temporary workaround until a patch is available. Restrict access to the library to minimize the risk of exploitation. Avoid using the library until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
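
Where the set function cannot simply be switched off, one way to apply the workaround is to route property writes through a guarded setter. The following is an added example, not code from cahil/utils or from this advisory: the name guardedSet and its (target, path, value) signature with a dotted-string or array path are assumptions, since the advisory does not show the library's own set function.

```javascript
// Added illustration; not code from cahil/utils. The signature
// guardedSet(target, path, value) with a dotted-string or array path is an
// assumption, since the advisory does not show the library's own set().

// Keys that reach a prototype object when used as a path segment.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function toSegments(path) {
  // Coerce every segment to a string first, so a nested array or object
  // cannot slip past the key check and be stringified later.
  const segments = Array.isArray(path) ? path.map(String) : String(path).split('.');
  if (segments.length === 0 || segments.some((s) => s === '')) {
    throw new TypeError('empty path segment');
  }
  return segments;
}

function guardedSet(target, path, value) {
  if (target === null || (typeof target !== 'object' && typeof target !== 'function')) {
    throw new TypeError('target must be an object');
  }
  const segments = toSegments(path);
  // Validate the whole path before writing, so a rejected call changes nothing.
  for (const key of segments) {
    if (BLOCKED_KEYS.has(key)) throw new RangeError(`blocked path segment: ${key}`);
  }
  let node = target;
  for (const key of segments.slice(0, -1)) {
    // Descend only into own properties; inherited ones (toString, valueOf)
    // live on a shared prototype and must never be written through.
    const own = Object.prototype.hasOwnProperty.call(node, key);
    const next = own ? node[key] : undefined;
    if (next === null || typeof next !== 'object') {
      // Create intermediate containers without a prototype chain.
      Object.defineProperty(node, key, {
        value: Object.create(null), writable: true, enumerable: true, configurable: true,
      });
    }
    node = node[key];
  }
  const last = segments[segments.length - 1];
  // defineProperty creates an own property and never runs inherited setters.
  Object.defineProperty(node, last, {
    value, writable: true, enumerable: true, configurable: true,
  });
  return target;
}
```

A rejected path throws before any write, so callers can log the RangeError as a signal that untrusted input reached a property setter.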

Prototype Pollution

Weakness Enumeration

Related Identifiers

CVE-2024-39014

Affected Products

Cahil/Utils