4 matches found
Prototype Pollution
Overview csvtojson is an A tool concentrating on converting csv data to JSON with customised parser supporting Affected versions of this package are vulnerable to Prototype Pollution in the parserjsonarray process due to insufficient sanitization of nested header names. An attacker can cause deni...
PT-2025-39315
Name of the Vulnerable Software and Affected Versions csvtojson versions prior to 2.0.10 Description The csvtojson package has a flaw due to inadequate sanitization of nested header names during parsing. Processing CSV input with crafted header fields referencing prototype chains like using proto...
CVE-2025-57350
The connected documents provide concrete details for CVE-2025-57350: The csvtojson package (node module) has a prototype pollution vulnerability in versions before 2.0.10, caused by insufficient sanitization of nested header names in the parser_jsonarray component. Attackers can supply specially ...
Malicious code in covid19_nagano_csv_to_json (npm)
The package covid19naganocsvtojson was found to contain malicious code...