CNNVD-202508-3026 Information

CNNVD ID

CNNVD-202508-3026

Related CVE

CVE-2025-57820

• CNNVD Published: 2025-08-26

Description (Chinese)

Svelte是Svelte开源的一种构建 Web 应用程序的新方法。 Svelte 5.3.2之前版本存在安全漏洞，该漏洞源于未正确检查输入对象属性，可能导致原型污染。

Description (English)

Svelte is a new method of building Web applications from the Svelte Open Source. The previous version of Svelte 5.3.2 had a safety loophole, which stemmed from an incorrect examination of input object properties and could lead to prototype contamination.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Svelte

Published

2025-08-26

Last Modified

2026-02-24

References

https://github.com/sveltejs/devalue/security/advisories/GHSA-vj54-72f3-p5jv https://github.com/sveltejs/devalue/commit/0623a47c9555b639c03ff1baea82951b2d9d1132 https://nvd.nist.gov/vuln/detail/CVE-2025-57820

Patch

https://github.com/sveltejs/devalue/releases