CVE-2024-39853

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jul 1, 2024
Updated: Jul 3, 2024
CWE ID 1321

Summary

CVE-2024-39853 is a vulnerability found in the adolph_dudu ratio-swiper 0.0.2 software. The vulnerability stems from a prototype pollution in the "parse" function, which allows attackers to inject arbitrary properties and execute arbitrary code or cause a Denial of Service (DoS) attack. The affected products include wwuJUc. To remediate this vulnerability, users should update their software to the latest version that addresses the issue. This vulnerability poses a medium risk with a base severity score of 6.5 and has low integrity and confidentiality impacts. The exploitability score is 3.9, and it requires no privileges or user interaction, making it accessible through network attacks. The potential danger to organizations lies in the possibility of unauthorized code execution or disruption of service due to DoS attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-39853 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions