Unrated severityNVD Advisory· Published Jul 30, 2024· Updated Oct 22, 2024

CVE-2024-39012

Description

ais-ltd strategyen v0.4.0 was discovered to contain a prototype pollution via the function mergeObjects. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Affected products

Naturalintelligence/Strategyeninferred
Range: <=0.4.0
Package: https://npmjs.com/package/strategyen

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

gist.github.com/mestrtee/acfbd724a4b73bfb5d030575b653453cmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000