CVE-2024-29651

May 20, 2024, 7:34 p.m.

Product(s) Impacted

json-schema-ref-parser

  • 11.0.0
  • 11.1.0

api-dev-tools json-schema-ref-parser

  • 11.0.0
  • 11.1.0

Description

A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle()`, `parse()`, `resolve()`, `dereference() functions.

Weaknesses

Date

Published: May 20, 2024, 6:15 p.m.

Last Modified: May 20, 2024, 7:34 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References