1Eki
CVE-2024-21489 | uplot up to 1.6.30 uplot.assign prototype pollution (SNYK-JS-UPLOT-6209224)
A vulnerability was found in uplot up to 1.6.30 and classified as critical. This issue affects the functionuplot.assign
. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution').
The identification of this vulnerability is CVE-2024-21489. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.