Description

js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed in version 1.0.2.

INFO

Published Date :

2025-08-05T00:06:15.916Z

Last Modified :

2025-08-05T14:31:35.284Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-54803 vulnerability.

Vendors Products
Sunnyadn
  • Js-toml
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-54803.

URL Resource
https://gist.github.com/siunam321/f3dc4d21a5a932c67b6c11d0026f5afc cve-icon cve-icon cve-icon
https://github.com/sunnyadn/js-toml/commit/b125910a3f094b744c9c3571360d4b9e3a472f66 cve-icon cve-icon
https://github.com/sunnyadn/js-toml/security/advisories/GHSA-65fc-cr5f-v7r2 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact