CNNVD-202509-3793 Information

CNNVD ID

CNNVD-202509-3793

Related CVE

CVE-2025-57351

• CNNVD Published: 2025-09-24

Description (Chinese)

ts-fns是tangshuang个人开发者的一个java库 ts-fns 13.0.7之前版本存在安全漏洞，该漏洞源于assign函数对用户提供键的验证不足，可能导致原型污染攻击。

Description (English)

ts-fns is a java bank of the Tangshuang personal developer ts-fns 13.0.7 contains a security loophole, which arises from the lack of verification of the key provided by the assign function to the user, which may lead to a prototype pollution attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-24

Last Modified

2026-02-24

References

https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57351 https://github.com/tangshuang/ts-fns/issues/36