CVE-2024-21528

CVSS 5.9 · Medium EPSS 0.06% · P18 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-21528

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

All versions of the package node-gettext are vulnerable to Prototype Pollution via the addTranslations() function in gettext.js due to improper user input sanitization.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

CWE-1321

Source: NVD (National Vulnerability Database)

Vulnerability Title

node-gettext 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

node-gettext是Alexander Wallin开源的一个本地化框架 gettext 的 JavaScript 实现。 node-gettext存在安全漏洞，该漏洞源于对用户输入的清理不当，可能通过gettext.js中的addTranslations()函数受到原型污染。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	node-gettext	0 ~ *	-

II. Public POCs for CVE-2024-21528

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-21528

请登录查看更多情报信息。

Same Patch Batch · n/a · 2024-09-10 · 24 CVEs total

CVE-2024-31960	7.8 HIGH	SAMSUNG Mobile Processor 安全漏洞
CVE-2024-25073	5.9 MEDIUM	SAMSUNG Mobile Processor 安全漏洞
CVE-2024-25074	5.9 MEDIUM	SAMSUNG Mobile Processor 安全漏洞
CVE-2023-37226		Loftware Spectrum 安全漏洞
CVE-2023-36103		Tenda AC15 安全漏洞
CVE-2024-34831		Gibbon 安全漏洞
CVE-2024-44667		Haichangxing HCX H822 安全漏洞
CVE-2024-44872		moziloCMS 安全漏洞
CVE-2024-44871		moziloCMS 安全漏洞
CVE-2024-44893		JimuReport 安全漏洞
CVE-2024-43040		Renwoxing Enterprise Intelligent Management System 安全漏洞
CVE-2023-37231		Loftware Spectrum 安全漏洞
CVE-2023-37230		Loftware Spectrum 安全漏洞
CVE-2023-37234		Loftware Spectrum 安全漏洞
CVE-2023-37233		Loftware Spectrum 安全漏洞
CVE-2023-37232		Loftware Spectrum 安全漏洞
CVE-2023-37227		Loftware Spectrum 安全漏洞
CVE-2023-37229		Loftware Spectrum 安全漏洞
CVE-2024-44677		ELADMIN 安全漏洞
CVE-2024-44676		ELADMIN 安全漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a

Same weakness: CWE-1321

V. Comments for CVE-2024-21528

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-21528

I. Basic Information for CVE-2024-21528

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-21528

III. Intelligence Information for CVE-2024-21528

Same Patch Batch · n/a · 2024-09-10 · 24 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-21528

Leave a comment