CVE Field Guide
About Us
CVE-2025-63703
PUBLISHED
Assigner:
mitre
Reserved:
27.10.2025
Published:
07.05.2026
Updated:
07.05.2026
npm package parse-ini v1.0.6 is vulnerable to Prototype Pollution in index.js().
Product Status
Vendor
n/a
Product
n/a
Versions
Version n/a is affected
References
https://www.npmjs.com/package/parse-ini?activeTab=code
https://gist.github.com/6en6ar/bdc8e0d472406ab98431f10273cbdbf3
Problem Types
n/a
text