CNNVD-202509-3786 Information

CNNVD ID

CNNVD-202509-3786

Related CVE

CVE-2025-57325

• CNNVD Published: 2025-09-24

Description (Chinese)

Rollbar.js是Rollbar开源的一个从错误跟踪和日志记录库。 Rollbar.js 2.26.4及之前版本存在安全漏洞，该漏洞源于utility.set函数存在原型污染，可能导致拒绝服务攻击。

Description (English)

Rollbar.js is an open source of Rollbar’s journal logs for tracking errors. Rollbar.js 2.26.4 and previous versions contain a security loophole, which stems from the prototype pollution of the utility.set function, which may lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Rollbar

Published

2025-09-24

Last Modified

2026-02-24

References

https://github.com/VulnSageAgent/PoCs/blob/main/JavaScript/prototype-pollution/rollbar%402.26.4/index.js https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57325