Vulnerability Details : CVE-2023-38894
Potential exploit
A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function.
Vulnerability category: Execute code
Products affected by CVE-2023-38894
We don't have affected product information for this CVE yet
Exploit prediction scoring system (EPSS) score for CVE-2023-38894
0.81%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
References for CVE-2023-38894
-
http://tree-kit.com
WELCOME! - Honey Brothers
-
https://www.code-intelligence.com/blog/treekit-prototype-pollution-cve-2023-38894
New Vulnerability in tree-kit: Prototype Pollution - CVE-2023-38894 (reserved)
-
https://github.com/cronvel/tree-kit
GitHub - cronvel/tree-kit: Tree utilities (extend, mask, etc...)
Jump to