CVE-2024-21528

Published September 10th, 2024

View on NVD ↗

CVSS v3

5.9

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

All versions of the package node-gettext are vulnerable to Prototype Pollution via the addTranslations() function in gettext.js due to improper user input sanitization.

alexanderwallin/node-gettext

A JavaScript implementation of gettext, a localization framework.

GitHub

188