Skip to content

CVE-2024-38999 requirejs v2.3.6 was discovered to contain a prototype pollution#118

Merged
vharseko merged 2 commits into
OpenIdentityPlatform:masterfrom
maximthomas:issues/913-update-requirejs
Sep 18, 2025
Merged

CVE-2024-38999 requirejs v2.3.6 was discovered to contain a prototype pollution#118
vharseko merged 2 commits into
OpenIdentityPlatform:masterfrom
maximthomas:issues/913-update-requirejs

Conversation

@maximthomas

@maximthomas maximthomas commented Sep 5, 2025

Copy link
Copy Markdown
Contributor

CVE-2024-38999 requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties

@maximthomas maximthomas requested a review from vharseko September 5, 2025 08:09
@vharseko vharseko merged commit 0c2314a into OpenIdentityPlatform:master Sep 18, 2025
4 of 34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants