11 matches found
Prototype Pollution
csvjson is vulnerable to Prototype Pollution. The vulnerability is due to improper validation of user-supplied input in the toCsv function, which allows an attacker to supply a crafted payload to inject properties on Object.prototype, potentially leading to denial of service DoS or unexpected...
EUVD-2025-31049
Malicious code in bioql PyPI...
Prototype Pollution
Overview csvjson is a convert csv to json and json to csv Affected versions of this package are vulnerable to Prototype Pollution via the toCsv function. An attacker can cause a denial of service by injecting properties into Object.prototype through a crafted payload. Details Prototype Pollution ...
csvjson vulnerable to prototype injection
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
GHSA-XQ4F-3JXP-QV6M csvjson vulnerable to prototype injection
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
CVE-2025-57318 affects the csvjson package (toCsv function) up to version 5.1.0. A crafted payload can pollute Object.prototype via unsafe merging/definition paths, enabling a denial of service (DoS) as the minimum impact. Remediation per multiple sources: upgrade to a version later than 5.1.0 or...
csvjson 安全漏洞
csvjson is a csv to json library by Pradeep Personal Developer. A security vulnerability exists in csvjson 5.1.0 and earlier versions, which stems from prototype contamination in the toCsv function, which allows an attacker to inject properties via a specially crafted payload, potentially resulti...