CNNVD-202509-3777 Information

CNNVD ID

CNNVD-202509-3777

Related CVE

CVE-2025-57319

• CNNVD Published: 2025-09-24

Description (Chinese)

fast-redact是David Mark Clements个人开发者的一个对象编辑库。 fast-redact 3.5.0及之前版本存在安全漏洞，该漏洞源于nestedRestore函数存在原型污染，可能导致拒绝服务攻击。

Description (English)

Fast-redact is an object editor for David Mark Clements. There is a safety loophole in past-redact 3.5.0 and earlier versions, which stems from the prototype contamination of the NederRestore function, which may lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-24

Last Modified

2026-02-24

References

https://github.com/davidmarkclements/fast-redact/issues/75 https://github.com/VulnSageAgent/PoCs/blob/main/JavaScript/prototype-pollution/fast-redact%403.5.0/index.js https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57319