CVE-2024-38991 Information

Description

akbr patch-into v1.0.1 was discovered to contain a prototype pollution via the function patchInto. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Reference

https://gist.github.com/mestrtee/8851413e3b33a96f191f0e9c81706532