CNNVD-202509-3803 Information

CNNVD ID

CNNVD-202509-3803

Related CVE

CVE-2025-57354

• CNNVD Published: 2025-09-24

Description (Chinese)

Counterpart是Martin Andert个人开发者的一个翻译库。 Counterpart 0.18.6之前版本存在安全漏洞，该漏洞源于对用户输入清理不足，可能导致原型污染攻击。

Description (English)

Counterpart is a translation library for Martin Andert’s personal developer. There was a security loophole in the pre-Counterpart 0.18.6 version, which stemmed from inadequate cleaning of user input, which could lead to a prototype pollution attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-24

Last Modified

2026-02-24

References

https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57354 https://github.com/martinandert/counterpart/issues/54 https://access.redhat.com/security/cve/cve-2025-57354

Patch

https://github.com/martinandert/counterpart/tags