CVE-2024-29651

May 20, 2024, 7:34 p.m.

Tags

cve@mitre.org
2024-05-20
CVE-2024-29651

Product(s) Impacted

json-schema-ref-parser

  • 11.0.0
  • 11.1.0

api-dev-tools json-schema-ref-parser

  • 11.0.0
  • 11.1.0

Description

A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle()`, `parse()`, `resolve()`, `dereference() functions.

Weaknesses

Date

Published: May 20, 2024, 6:15 p.m.

Last Modified: May 20, 2024, 7:34 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://gist.github.com/tariqhawis/5db76b38112bba756615b688c32409ad
cve@mitre.org