CVE-2024-21489

Published: 2024-10-01T05:15Z

Last Modified: 2024-10-04T13:51Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Versions of the package uplot before 1.6.31 are vulnerable to Prototype Pollution via the uplot.assign function due to missing check if the attribute resolves to the object prototype. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt