FKIE_CVE-2025-57347

Vulnerability from fkie_nvd - Published: 2025-09-24 19:15 - Updated: 2025-10-17 14:53
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConflict function, which fails to properly sanitize user-supplied input during property assignment operations. This flaw allows attackers to exploit prototype pollution vulnerabilities by injecting malicious input values (e.g., "__proto__"), enabling unauthorized modification of the JavaScript Object prototype chain. Successful exploitation could lead to denial of service conditions, unexpected application behavior, or potential execution of arbitrary code in contexts where polluted properties are later accessed or executed. The issue affects versions prior to 7.0.11 and remains unpatched at the time of disclosure.
References
cve@mitre.orghttps://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57347Third Party Advisory
cve@mitre.orghttps://github.com/tbo47/dagre-es/issues/52Issue Tracking
Impacted products
Vendor Product Version
tbo47 dagre-d3-es 7.0.9
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tbo47:dagre-d3-es:7.0.9:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "02568D72-B787-4629-9EDF-633700A0117C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability exists in the \u0027dagre-d3-es\u0027 Node.js package version 7.0.9, specifically within the \u0027bk\u0027 module\u0027s addConflict function, which fails to properly sanitize user-supplied input during property assignment operations. This flaw allows attackers to exploit prototype pollution vulnerabilities by injecting malicious input values (e.g., \"__proto__\"), enabling unauthorized modification of the JavaScript Object prototype chain. Successful exploitation could lead to denial of service conditions, unexpected application behavior, or potential execution of arbitrary code in contexts where polluted properties are later accessed or executed. The issue affects versions prior to 7.0.11 and remains unpatched at the time of disclosure."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad en el paquete Node.js \u0027dagre-d3-es\u0027 versi\u00f3n 7.0.9, espec\u00edficamente dentro de la funci\u00f3n addConflict del m\u00f3dulo \u0027bk\u0027, que no logra sanear adecuadamente la entrada proporcionada por el usuario durante las operaciones de asignaci\u00f3n de propiedades. Esta falla permite a los atacantes explotar vulnerabilidades de contaminaci\u00f3n de prototipos inyectando valores de entrada maliciosos (por ejemplo, \u0027__proto__\u0027), lo que permite la modificaci\u00f3n no autorizada de la cadena de prototipos del objeto JavaScript. La explotaci\u00f3n exitosa podr\u00eda conducir a condiciones de denegaci\u00f3n de servicio, comportamiento inesperado de la aplicaci\u00f3n o la ejecuci\u00f3n potencial de c\u00f3digo arbitrario en contextos donde las propiedades contaminadas son posteriormente accedidas o ejecutadas. El problema afecta a las versiones anteriores a la 7.0.11 y permanece sin parchear en el momento de la divulgaci\u00f3n."
    }
  ],
  "id": "CVE-2025-57347",
  "lastModified": "2025-10-17T14:53:19.667",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-09-24T19:15:39.980",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57347"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/tbo47/dagre-es/issues/52"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1321"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.