CVE-2025-3197

HIGH

expand-object >=0.0.0 - Prototype Pollution via expand() Function

Title source: llm

Description

Versions of the package expand-object from 0.0.0 are vulnerable to Prototype Pollution in the expand() function in index.js. This function expands the given string into an object and allows a nested property to be set without checking the provided keys for sensitive properties like __proto__.

References (3)

Core 3

Core References

Various Sources

https://gist.github.com/miguelafmonteiro/d8f66af61d14e06338b688f90c4dfa7c

Various Sources

https://github.com/jonschlinkert/expand-object/blob/master/index.js%23L13

Third Party Advisory

https://security.snyk.io/vuln/SNYK-JS-EXPANDOBJECT-5821390

Scores

CVSS v3 7.3

EPSS 0.0034

EPSS Percentile 25.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-1321

Status published

Products (2)

n/a/expand-object 0.0.0

npm/expand-object 0npm

Published Apr 04, 2025

Tracked Since Feb 18, 2026