CVE-2024-39000: Medium severity adolph_dudu ratio-swiper vulnerability
adolphdudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution vulnerability via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) by injecting arbitrary properties.
Frequently Asked Questions
What is the severity of CVE-2024-39000?
CVE-2024-39000 has a medium severity rating of 6.5 according to CVSS 3.1.
How do I fix CVE-2024-39000?
To mitigate CVE-2024-39000, update to the latest version of adolph_dudu ratio-swiper or apply patches provided by the maintainers.
What type of attack can CVE-2024-39000 enable?
CVE-2024-39000 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) through prototype pollution.
Which software is affected by CVE-2024-39000?
CVE-2024-39000 affects adolph_dudu ratio-swiper version 0.0.2 and Swiperjs Swiper.
What is prototype pollution in the context of CVE-2024-39000?
Prototype pollution, as seen in CVE-2024-39000, refers to the exploitation of the function parse to inject arbitrary properties into object prototypes.
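The coding pattern behind this class of bug, shown beside a hardened form, as an added example that is not ratio-swiper's code or its fix. `unsafeAssign`, `safeAssign` and `demo` are hypothetical helpers standing in for a parse-style function that recursively copies untrusted keys, and the input string is constructed.

```javascript
// Added illustration: hypothetical helpers, not ratio-swiper's source.
// Assumption: a parse-style function copies keys from untrusted input
// into a target object, recursing into nested objects.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
const isObj = (v) => v !== null && typeof v === 'object';

// Unsafe pattern: reads target[key] for any key, so "__proto__"
// resolves to Object.prototype and the recursion writes into it.
function unsafeAssign(target, source) {
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (isObj(value)) {
      if (!isObj(target[key])) target[key] = {};
      unsafeAssign(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Hardened pattern: skip prototype-reaching keys, only descend into
// own properties, and create nested containers without a prototype.
function safeAssign(target, source) {
  for (const key of Object.keys(source)) {
    if (BLOCKED_KEYS.has(key)) continue;
    const value = source[key];
    if (isObj(value) && !Array.isArray(value)) {
      const own = Object.prototype.hasOwnProperty.call(target, key) ? target[key] : null;
      target[key] = safeAssign(isObj(own) ? own : Object.create(null), value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Runs both helpers on the same constructed input and reports whether a
// fresh object inherits the injected property; restores the prototype.
function demo() {
  const input = JSON.parse('{"ratio":"16:9","__proto__":{"polluted":"yes"}}');
  const hardened = safeAssign({}, input);
  const afterSafe = ({}).polluted;
  unsafeAssign({}, input);
  const afterUnsafe = ({}).polluted;
  delete Object.prototype.polluted;
  return { hardened, afterSafe, afterUnsafe };
}
console.log(demo());
```

The same key filter can be applied as an input validation step before untrusted JSON reaches any merge or parse routine.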