CNNVD-202509-3780 Information

CNNVD ID

CNNVD-202509-3780

Related CVE

CVE-2025-57318

• CNNVD Published: 2025-09-24

Description (Chinese)

csvjson是Pradeep个人开发者的一个csv转换json库。 csvjson 5.1.0及之前版本存在安全漏洞，该漏洞源于toCsv函数存在原型污染，攻击者可通过特制有效载荷注入属性，可能导致拒绝服务。

Description (English)

csvjson is a csv conversionjson library for Pradeep personal developers. Csvjson 5.1.0 and previous versions contain a security loophole, which stems from the prototype contamination of the tocsv function, which can be injected by the attacker through a special payload, which may lead to the denial of service.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-24

Last Modified

2026-02-24

References

https://github.com/VulnSageAgent/PoCs/blob/main/JavaScript/prototype-pollution/csvjson%405.1.0/index.js https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57318