Lucene search
K

5 matches found

EUVD
EUVD
added 2025/11/11 12:41 a.m.1 views

EUVD-2025-55164

Malicious code in cooing-rose-clownfish npm...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/14 4:54 p.m.3 views

CVE-2025-55164

content-security-policy-parser parses content security policy directives. A prototype pollution vulnerability exists in versions 0.5.0 and earlier, wherein if a policy name is called proto, one can override the Object prototype. This issue has been patched in version 0.6.0. A workaround involves...

8.8CVSS7.1AI score0.00395EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/08/12 6:7 p.m.6 views

@0xbigboss/vite-plugin-web-extension (>=5.2.0 <=5.4.0), @58860ed6ffd9e897/gold-finger-extension (=1.0.2) +54 more potentially affected by CVE-2025-55164 via content-security-policy-parser (>=0.1.1 <=0.5.0)

content-security-policy-parser NPM version =0.1.1, =5.2.0, =2.13.1, =2.12.1-canary.3354, =2.12.1-canary.3354, =2.12.5, =0.84.3, =0.0.0-experimental-2cc8de3, =0.0.0-experimental-4529dd0, =0.0.0-experimental-2cd2b9e, =0.0.0-experimental-2cc8de3, =0.0.0-experimental-2cc8de3,...

8.8CVSS5.7AI score0.00395EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/12 6:7 p.m.13 views

@0xbigboss/vite-plugin-web-extension (>=5.2.0 <=5.4.0), @58860ed6ffd9e897/gold-finger-extension (=1.0.2) +54 more potentially affected by CVE-2025-55164 via content-security-policy-parser (>=0.1.1 <=0.4.1)

content-security-policy-parser NPM version =0.1.1, =5.2.0, =2.13.1, =2.12.1-canary.3354, =2.12.1-canary.3354, =2.12.5, =0.84.3, =0.0.0-experimental-2cc8de3, =0.0.0-experimental-4529dd0, =0.0.0-experimental-2cd2b9e, =0.0.0-experimental-2cc8de3, =0.0.0-experimental-2cc8de3,...

8.8CVSS5.7AI score0.00395EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/12 4:2 p.m.3 views

CVE-2025-55164 content-security-policy-parser Prototype Pollution Vulnerability May Lead to RCE

content-security-policy-parser parses content security policy directives. A prototype pollution vulnerability exists in versions 0.5.0 and earlier, wherein if a policy name is called proto, one can override the Object prototype. This issue has been patched in version 0.6.0. A workaround involves...

8.8CVSS7AI score0.00395EPSS
Exploits0References3
Rows per page
Query Builder