acharts (=1.0.34), amb (>=2.1.1 <=2.1.3) +48 more potentially affected by CVE-2025-57327 via spmrc (>=0.1.0 <=1.2.0)

spmrc NPM version =0.1.0, =2.1.1, =1.4.1, =0.1.0, =0.2.0, =0.2.0, =0.1.0, =0.1.3, =0.5.8, =0.0.1, =0.2.1, =0.5.12 and more Source cves: CVE-2025-57327 Source advisory: SNYK:JS-SPMRC-13110015...

spmrc vulnerable to prototype pollution

spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...

GHSA-R2RV-8PP3-65XW spmrc vulnerable to prototype pollution

spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...

spmrc 安全漏洞

spmrc is an open source spmrc management library from Static Package Manager. A security vulnerability exists in spmrc 1.2.0 and earlier versions, which stems from prototype contamination of the set and config functions, which allows an attacker to inject attributes via a specially crafted payloa...