Prototype Pollution

Rollbar.js is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of object merging in the merge function when rollbar.configure is called with untrusted input, which allows an attacker to manipulate object prototypes and potentially alter application behavior...

Prototype Pollution

rollbar is vulnerable to Prototype Pollution.The vulnerability is due to improper handling of user-supplied input in the utility.set function, which allows an attacker to inject malicious properties into Object.prototype through a crafted payload...

Prototype Pollution

Overview org.webjars.npm:rollbar is an Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are...

EUVD-2025-35708

rollbar vulnerable to Prototype Pollution in merge...

rollbar vulnerable to Prototype Pollution in merge()

Impact Prototype pollution vulnerability in merge. If application code calls rollbar.configure with untrusted input, prototype pollution is possible. Patches Fixed in 2.26.5 and 3.0.0-beta5. Workarounds Ensure that values passed to rollbar.configure do not contain untrusted input. References Fixe...

GHSA-XCG2-9PP4-J82X rollbar vulnerable to Prototype Pollution in merge()

Impact Prototype pollution vulnerability in merge. If application code calls rollbar.configure with untrusted input, prototype pollution is possible. Patches Fixed in 2.26.5 and 3.0.0-beta5. Workarounds Ensure that values passed to rollbar.configure do not contain untrusted input. References Fixe...

Prototype Pollution

Overview rollbar is an Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are vulnerable to Prototyp...

@afif_hh/composable (=1.0.2), @afif_hh/ui_components (>=1.0.5 <=1.0.30) +24 more potentially affected by CVE-2025-62517 via rollbar (>=2.10.0 <=2.26.4)

rollbar NPM version =2.10.0, =1.0.5, =1.0.0, =0.0.5, =0.0.2-beta.1, =0.5.4, =0.8.0, =2.0.0, =0.60.1, =0.20.0-beta.4, =1.0.0, =48.0.0, =1.0.0, =1.0.3 - bnjuilopjhgthtyi =99.99.99 and more Source cves: CVE-2025-62517 Source advisory: SNYK:JS-ROLLBAR-13703255...

CVE-2025-62517

Rollbar.js offers error tracking and logging from Javascript to Rollbar. In versions before 2.26.5 and from 3.0.0-alpha1 to before 3.0.0-beta5, there is a prototype pollution vulnerability in merge. If application code calls rollbar.configure with untrusted input, prototype pollution is possible...

rollbar vulnerable to prototype pollution

Impact Prototype pollution potential with the utility function rollbar/src/utility.set. No impact when using the published public interface. If application code directly imports set from rollbar/src/utility and then calls set with untrusted input in the second argument, it is vulnerable to...

EUVD-2025-31060

rollbar vulnerable to prototype pollution...

GHSA-R8C2-2QWQ-94P6 rollbar vulnerable to prototype pollution

Impact Prototype pollution potential with the utility function rollbar/src/utility.set. No impact when using the published public interface. If application code directly imports set from rollbar/src/utility and then calls set with untrusted input in the second argument, it is vulnerable to...

EUVD-2025-9800

Malicious code in bioql PyPI...

CVE-2025-57325

rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. A Prototype Pollution vulnerability in the utility.set function of...

Prototype Pollution

Overview org.webjars.npm:rollbar is an Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are...

GHSA-M929-RG27-GJ99 Duplicate Advisory: rollbar vulnerable to prototype pollution

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r8c2-2qwq-94p6. This link is maintained to preserve external references. Original Description rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package include...

@afif_hh/composable (=1.0.2), @afif_hh/ui_components (>=1.0.5 <=1.0.30) +24 more potentially affected by CVE-2025-57325 via rollbar (>=2.10.0 <=2.26.4)

rollbar NPM version =2.10.0, =1.0.5, =1.0.0, =0.0.5, =0.0.2-beta.1, =0.5.4, =0.8.0, =2.0.0, =0.60.1, =0.20.0-beta.4, =1.0.0, =48.0.0, =1.0.0, =1.0.3 - bnjuilopjhgthtyi =99.99.99 and more Source cves: CVE-2025-57325 Source advisory: SNYK:JS-ROLLBAR-13110036...

Prototype Pollution

Overview rollbar is an Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are vulnerable to Prototyp...

Duplicate Advisory: rollbar vulnerable to prototype pollution

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r8c2-2qwq-94p6. This link is maintained to preserve external references. Original Description rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package include...

CVE-2025-57325

rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. A Prototype Pollution vulnerability in the utility.set function of...