High severity7.8NVD Advisory· Published Jan 16, 2024· Updated Jun 17, 2026
CVE-2024-23347
CVE-2024-23347
Description
Prior to v176, when opening a new project Meta Spark Studio would execute scripts defined inside of a package.json file included as part of that project. Those scripts would have the ability to execute arbitrary code on the system as the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <176
- Meta Platforms, Inc/Meta Spark Studiov5Range: 0
Patches
Vulnerability mechanics
References
1- www.facebook.com/security/advisories/cve-2024-23347nvdVendor Advisory
News mentions
0No linked articles in our index yet.