Security Advisory

CVE-2025-57324

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-24 00:00:00

Last updated 2025-09-25 14:28:40

Assigner mitre

State PUBLISHED

Description

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.

← Browse all CVEs View on cve.org ↗