CVE-2024-57086

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Name of the Vulnerable Software and Affected Versions: node-opcua-alarm-condition version 2.134.0

Description: A prototype pollution in the fieldsToJson function allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.

Recommendations: For node-opcua-alarm-condition version 2.134.0, consider disabling the fieldsToJson function until a patch is available to prevent potential Denial of Service (DoS) attacks.

Exploit

Fix

DoS

Prototype Pollution

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1321

Related Identifiers

CVE-2024-57086

GHSA-GVWQ-6FMX-28XM

Affected Products

Node-Opcua-Alarm-Condition

CVE-2024-57086

Weakness Enumeration

Related Identifiers

Affected Products

References · 8