CVE-2024-21548 Information

Description

Versions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper input sanitization. An attacker can exploit this vulnerability through Bun’s APIs that accept objects.

Reference

https://github.com/oven-sh/bun/commit/a234e067a5dc7837602df3fb5489e826920cc65a
https://github.com/oven-sh/bun/pull/14119
https://security.snyk.io/vuln/SNYK-JS-BUN-8499549
