CVE-2025-57326 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A Prototype Pollution vulnerability in the byGroupAndType function of sassdoc-extras v2.5.1 and before allows attackers to inject properties on Object.prototype…
High CVSS: 7.5

CVE-2025-57326

A Prototype Pollution vulnerability in the byGroupAndType function of sassdoc-extras v2.5.1 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.
Vendor
Sassdoc
Product
Sassdoc-extras
CWE
CWE-1321
Yayın Tarihi
2025-09-24 20:15:32
Güncelleme
2025-10-16 16:23:24
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-1321 Sassdoc-extras HIGH Sassdoc 2025

Referanslar

https://github.com/VulnSageAgent/PoCs/blob/main/JavaScript/prototype-pollution/sassdoc-extras%402.5.1/index.js https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57326