MidnightBSD

Advisories for richardrodger

CVE-2024-38993

rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Products Affected

Vendor Product Version
richardrodger jsonic 2.12.1
CVE-2024-39002

rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

Products Affected

Vendor Product Version
richardrodger jsonic 2.12.1