CVE-2024-57079 | zag-js core 0.50.0 lib.deepMerge prototype pollution

A vulnerability was found in zag-js core 0.50.0 and classified as problematic. Affected by this issue is the function lib.deepMerge. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is handled as CVE-2024-57079. Access to the local network is required for this attack to succeed. There is no exploit available.VulDB Recent EntriesRead More