CVE-2024-29650: @thi.ng/paths Prototype Pollution vulnerability
An issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the mutIn and mutInManyUnsafe components.
References
- gist.github.com/tariqhawis/1bc340ca5ea6ae115c9ab9665cfd5921
- github.com/advisories/GHSA-8ppr-www8-hfjx
- github.com/thi-ng/umbrella
- github.com/thi-ng/umbrella/commit/c78b484882ad5214a46ef83ddb8020571c171353
- github.com/thi-ng/umbrella/issues/445
- learn.snyk.io/lesson/prototype-pollution/
- nvd.nist.gov/vuln/detail/CVE-2024-29650
Detect and mitigate CVE-2024-29650 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →