CVE-2024-38994

Published: Jul 1, 2024
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-38994" target="_blank" rel="noopener"> CVE-2024-38994
GHSA: <a href="https://github.com/advisories/GHSA-w58v-r3cp-qr93" target="_blank" rel="noopener"> GHSA-w58v-r3cp-qr93
Severity: High
Exploit:

amoyjs amoy common v1.0.10 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.