CVE-2024-21548

oven-sh/bun
on github

Published

Severity

CVSS v3:
N/A
CVSS v2:
N/A

Description

Versions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper input sanitization. An attacker can exploit this vulnerability through Bun's APIs that accept objects.

References

Configurations

CPE23Version StartVersion EndExact Version

External Links