CVE-2024-38988

Name of the Vulnerable Software and Affected Versions alizeait unflatto versions 1.0.2 and earlier

Description The issue is related to a prototype pollution vulnerability via the exports.unflatto method at /dist/index.js. This allows attackers to execute arbitrary code or cause a Denial of Service (DoS) by injecting arbitrary properties.

Recommendations For versions 1.0.2 and earlier, consider disabling the exports.unflatto method at /dist/index.js to prevent exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.