CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

OSV•added 2025/03/12 9:31 p.m.•2 views

GHSA-8G77-54RH-46HX Prototype Pollution Vulnerability in parse-git-config

An issue in parse-git-config v.3.0.0 allows an attacker to obtain sensitive information via the expandKeys function...

9.3CVSS7.1AI score0.00035EPSS

Exploits1References3

Github Security Blog•added 2025/03/12 9:31 p.m.•11 views

Prototype Pollution Vulnerability in parse-git-config

An issue in parse-git-config v.3.0.0 allows an attacker to obtain sensitive information via the expandKeys function...

7.5CVSS6.5AI score0.00035EPSS

Exploits1References3Affected Software1

OSV•added 2025/03/12 7:15 p.m.•4 views

CVE-2025-25975

An issue in parse-git-config v.3.0.0 allows an attacker to obtain sensitive information via the expandKeys function...

7.5CVSS6.2AI score

Exploits0References1

CNNVD•added 2025/03/12 12:0 a.m.•0 views

parse-git-config 安全漏洞

parse-git-config is a library from the individual developer Jon Schlinkert. A security vulnerability exists in parse-git-config version 3.0.0, which stems from the expandKeys function that could lead to the disclosure of sensitive information...

7.5CVSS7.3AI score0.00035EPSS

Exploits1References1

CVE•added 2025/03/12 12:0 a.m.•65 views

CVE-2025-25975

CVE-2025-25975 affects the JavaScript library parse-git-config v3.0.0. The issue is information disclosure caused by improper handling of key expansion in the expandKeys function, leading to potential leakage of sensitive data. Multiple sources (including Veracode and Red Hat advisories) describe...

7.5CVSS6.1AI score0.00035EPSS

Exploits1References1Affected Software1