3 matches found
0x-relayer-cat (>=0.0.3 <=0.0.10), @1-dao-protocol/juice-contracts-v3 (>=3.1.3 <=3.1.4) +1436 more potentially affected by CVE-2025-57329 via web3-core-method (>=1.0.0-beta.52 <=1.10.3)
web3-core-method NPM version =1.0.0-beta.52, =0.0.3, =3.1.3, =1.0.2, =2.0.3, =1.14.5, =1.0.7, =0.1.0, =10.4.0, =9.0.0, =9.2.0 - @acentswap/aceswap-sdk =9.0.0 and more Source cves: CVE-2025-57329 Source advisory: OSV:GHSA-2J4C-9QQQ-896R...
003-gas-convert (=1.0.1), 0x-hunter-core (>=1.0.0 <=1.0.1-5) +6570 more potentially affected by CVE-2025-57329 via web3-core-method (>=1.0.0-beta.52 <=3.0.0-rc.5)
web3-core-method NPM version =1.0.0-beta.52, =1.0.0, =0.0.3, =0.0.3, =0.0.31, =1.1.0, =0.9.9, =0.1.0, =0.1.1 - 55tools-block =1.0.0 - 55tools-block-ext =1.0.0 - 84447xe5t8 =1.0.0 and more Source cves: CVE-2025-57329 Source advisory: SNYK:JS-WEB3COREMETHOD-13110028...
CVE-2025-57329
web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing...