16 matches found
[SECURITY] Fedora 44 Update: python-tomli-2.4.1-1.fc44
Tomli is a Python library for parsing TOML. Tomli is fully compatible with TOML v1.0.0...
Prototype Pollution
Overview: js-toml is a TOML parser for JavaScript/TypeScript, targeting the TOML 1.0.0 Spec. Affected versions of this package are vulnerable to Prototype Pollution via the parsing process. An attacker can inject or modify properties on the global Object.prototype by supplying specially crafted TOML...
CVE-2025-54803
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed...
CVE-2025-54803 js-toml is vulnerable to Prototype Pollution
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed...
CVE-2025-54803 js-toml is vulnerable to Prototype Pollution
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed...
CVE-2025-54803 js-toml is vulnerable to Prototype Pollution
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed...
CVE-2025-54803
CVE-2025-54803 affects the JavaScript TOML parser js-toml. Vulnerable versions are those below 1.0.2, where parsing a specially crafted TOML input can enable a prototype pollution attack that allows an attacker to add or modify properties on the global Object.prototype. The impact can range fr...
js-toml Security Vulnerability
js-toml is a TOML parser for JavaScript by Sunny Personal Developer. A security vulnerability exists in versions of js-toml prior to 1.0.2, which stems from a prototype contamination vulnerability that could lead to modification of the global Object.prototype property...
Stack Overflow
TOML parser is vulnerable to stack overflow. The vulnerability is due to improper handling of deeply nested structures in the TOML parser, which can lead to a stack overflow when encountering deeply nested inline structures or stringifying deeply nested objects. It allows an attacker to craft a...
Fedora: Security Advisory for ghc-toml-parser (FEDORA-2024-b458482d48)
The remote host is missing an update for the...
[SECURITY] Fedora 39 Update: ghc-toml-parser-1.3.2.0-29.fc39
TOML parser using generated lexers and parsers with careful attention to the TOML 1.0.0 semantics for defining tables...
Fedora 39 : ghc-base64 / ghc-hakyll / ghc-isocline / ghc-toml-parser / gitit / etc (2024-b458482d48)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-b458482d48 advisory. Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: - backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: - new package for pand...
[SECURITY] Fedora 40 Update: ghc-toml-parser-1.3.2.0-29.fc40
TOML parser using generated lexers and parsers with careful attention to the TOML 1.0.0 semantics for defining tables...
Fedora: Security Advisory for ghc-toml-parser (FEDORA-2024-7d83cbccb6)
The remote host is missing an update for the...
Denial Of Service (DoS)
com.fasterxml.jackson.dataformat:jackson-dataformat-toml is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to the lack of a max nesting depth; if the TOML parser is run on user-supplied input, an attacker is able to cause a stack overflow, resulting in an application crash...
Stellar.org: heap-buffer-overflow (READ of size 1) in cpptoml::parser::consume_whitespace()
@geeknik found a heap buffer overflow in stellar-core's TOML parser. This is low severity because the TOML parser is only used to parse the config file of stellar-core...