High severity7.5NVD Advisory· Published Feb 5, 2025· Updated Apr 15, 2026
CVE-2024-57086
CVE-2024-57086
Description
A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
node-opcua-alarm-conditionnpm | < 2.137.0 | 2.137.0 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/advisories/GHSA-gvwq-6fmx-28xmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-57086ghsaADVISORY
- gist.github.com/tariqhawis/30acc3632cf595ca5825b7ec2b2f795anvdWEB
- github.com/node-opcua/node-opcua/blob/330db56bb62bce9fff80382daee1fac94311978d/packages/node-opcua-alarm-condition/test/test_cve_polution_attack.tsghsaWEB
- github.com/node-opcua/node-opcua/issues/1433ghsaWEB
News mentions
0No linked articles in our index yet.