CVE-2024-38987

Published July 1st, 2024

View on NVD ↗

CVSS v3

6.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

aofl cli-lib v3.14.0 was discovered to contain a prototype pollution via the component defaultsDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

AgeOfLearning/aofl

This mono-repo contains tools and libraries for the AofL JS framework

GitHub