DirectorySecurity AdvisoriesPricing
/
Sign in
Security Advisories

CVE-2024-38999

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-38999

Severity

10.0

Critical

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2024-38999
  • https://github.com/advisories/GHSA-x3m3-4wpv-5vgc
  • https://gist.github.com/mestrtee/9acae342285bd2998fa09ebcb1e6d30a

Affected packages

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal