CVE-2024-57075

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 5, 2025

Updated: Feb 6, 2025

CWE ID 1321

Summary

CVE-2024-57075 is a prototype pollution vulnerability affecting the lib.Logger function in eazy-logger version 4.0.1. This issue enables attackers to supply malicious payloads, leading to a Denial of Service (DoS) condition. By exploiting this weakness, an attacker can cause the application to crash or consume system resources, resulting in unavailability of the service. This vulnerability poses a significant risk to systems using the affected version of eazy-logger, necessitating prompt patching to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2T2UIb
https://www.cve.org/CVERecord?id=CVE-2024-57075
https://nvd.nist.gov/vuln/detail/CVE-2024-57075

Back to Vulnerability Database

CVE-2024-57075

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations