Lucene search
+L

5 matches found

vulnersOsv
vulnersOsv
added 2025/05/27 3:3 p.m.7 views

@env-hopper/backend-core (>=2.0.1-alpha-20260224145405 <=2.0.1-alpha.3), @env-hopper/frontend-core (>=2.0.1-alpha <=2.0.1-alpha.11) +4 more potentially affected by CVE-2025-48054 via radashi (=12.5.0-beta.6d5c035)

radashi NPM version =12.5.0-beta.6d5c035 is affected by a known vulnerability. The following packages have a transitive dependency on radashi and may be impacted: - @env-hopper/backend-core =2.0.1-alpha-20260224145405, =2.0.1-alpha, =2.0.1-alpha-20260224145405, =0.0.1, =0.0.1, =0.0.1,...

8.8CVSS5.8AI score0.00557EPSS
Exploits0
NVD
NVD
added 2025/05/27 5:15 a.m.16 views

CVE-2025-48054

Radashi is a TypeScript utility toolkit. Prior to version 12.5.1, the set function within the Radashi library is vulnerable to prototype pollution. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScri...

8.8CVSS0.00557EPSS
Exploits0References2
Circl
Circl
added 2025/05/27 4:47 a.m.24 views

CVE-2025-48054

creationtimestamp| type| source ---|---|--- 2025-05-27 04:47:52+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17604 2025-05-27 05:00:43+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq4vsqoyz352 2025-05-27...

8.8CVSS4.8AI score0.00557EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/27 4:4 a.m.18 views

CVE-2025-48054 Radashi Vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Radashi is a TypeScript utility toolkit. Prior to version 12.5.1, the set function within the Radashi library is vulnerable to prototype pollution. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScri...

8.8CVSS0.00557EPSS
Exploits0References2
CVE
CVE
added 2025/05/27 4:4 a.m.67 views

CVE-2025-48054

Radashi (TypeScript utility toolkit) is affected by a prototype-pollution vulnerability in the set function prior to version 12.5.1. If an attacker controls parts of the path argument, they can modify object prototypes in the JS runtime, potentially causing unexpected behavior, DoS, or in some ca...

8.8CVSS7.5AI score0.00557EPSS
Exploits0References2
Rows per page
Query Builder