39 matches found
Prototype Pollution
Rollbar.js is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of object merging in the merge function when rollbar.configure is called with untrusted input, which allows an attacker to manipulate object prototypes and potentially alter application behavior...
Prototype Pollution
rollbar is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of user-supplied input in the utility.set function, which allows an attacker to inject malicious properties into Object.prototype through a crafted payload...
Prototype Pollution
Overview: rollbar is a package to effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are vulnerable to Prototyp...
rollbar vulnerable to Prototype Pollution in merge()
Impact: Prototype pollution vulnerability in merge. If application code calls rollbar.configure with untrusted input, prototype pollution is possible. Patches: Fixed in 2.26.5 and 3.0.0-beta5. Workarounds: Ensure that values passed to rollbar.configure do not contain untrusted input. References: Fixe...
@afif_hh/composable (=1.0.2), @afif_hh/ui_components (>=1.0.5 <=1.0.30) +24 more potentially affected by CVE-2025-62517 via rollbar (>=2.10.0 <=2.26.4)
rollbar NPM version =2.10.0, =1.0.5, =1.0.0, =0.0.5, =0.0.2-beta.1, =0.5.4, =0.8.0, =2.0.0, =0.60.1, =0.20.0-beta.4, =1.0.0, =48.0.0, =1.0.0, =1.0.3 - bnjuilopjhgthtyi =99.99.99 and more Source cves: CVE-2025-62517 Source advisory: SNYK:JS-ROLLBAR-13703255...
GHSA-XCG2-9PP4-J82X rollbar vulnerable to Prototype Pollution in merge()
Impact: Prototype pollution vulnerability in merge. If application code calls rollbar.configure with untrusted input, prototype pollution is possible. Patches: Fixed in 2.26.5 and 3.0.0-beta5. Workarounds: Ensure that values passed to rollbar.configure do not contain untrusted input. References: Fixe...
Prototype Pollution
Overview: org.webjars.npm:rollbar is a package to effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are...
EUVD-2025-35708
rollbar vulnerable to Prototype Pollution in merge...
CVE-2025-62517
Rollbar.js offers error tracking and logging from JavaScript to Rollbar. In versions before 2.26.5 and from 3.0.0-alpha1 to before 3.0.0-beta5, there is a prototype pollution vulnerability in merge. If application code calls rollbar.configure with untrusted input, prototype pollution is possible...
rollbar vulnerable to prototype pollution
Impact: Prototype pollution potential with the utility function rollbar/src/utility.set. No impact when using the published public interface. If application code directly imports set from rollbar/src/utility and then calls set with untrusted input in the second argument, it is vulnerable to...
GHSA-R8C2-2QWQ-94P6 rollbar vulnerable to prototype pollution
Impact: Prototype pollution potential with the utility function rollbar/src/utility.set. No impact when using the published public interface. If application code directly imports set from rollbar/src/utility and then calls set with untrusted input in the second argument, it is vulnerable to...
EUVD-2025-31060
rollbar vulnerable to prototype pollution...
EUVD-2025-9800
Malicious code in bioql PyPI...
CVE-2025-57325
rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. A Prototype Pollution vulnerability in the utility.set function of...
@afif_hh/composable (=1.0.2), @afif_hh/ui_components (>=1.0.5 <=1.0.30) +24 more potentially affected by CVE-2025-57325 via rollbar (>=2.10.0 <=2.26.4)
rollbar NPM version =2.10.0, =1.0.5, =1.0.0, =0.0.5, =0.0.2-beta.1, =0.5.4, =0.8.0, =2.0.0, =0.60.1, =0.20.0-beta.4, =1.0.0, =48.0.0, =1.0.0, =1.0.3 - bnjuilopjhgthtyi =99.99.99 and more Source cves: CVE-2025-57325 Source advisory: SNYK:JS-ROLLBAR-13110036...
Prototype Pollution
Overview: org.webjars.npm:rollbar is a package to effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are...
Duplicate Advisory: rollbar vulnerable to prototype pollution
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-r8c2-2qwq-94p6. This link is maintained to preserve external references. Original Description: rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package include...
GHSA-M929-RG27-GJ99 Duplicate Advisory: rollbar vulnerable to prototype pollution
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-r8c2-2qwq-94p6. This link is maintained to preserve external references. Original Description: rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package include...
Prototype Pollution
Overview: rollbar is a package to effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are vulnerable to Prototyp...
CVE-2025-57325
rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. A Prototype Pollution vulnerability in the utility.set function of...