logo

Database

Prototype Pollution In parse-ini

Description

parse-ini is vulnerable to Prototype Pollution in index.js() npm package parse-ini v1.0.6 is vulnerable to Prototype Pollution in index.js().

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. CVE-2025-637032. NVD-2025-637033. OSV-2025-637034. GCVE-2025-63703

References

1. https://gist.github.com/6en6ar/bdc8e0d472406ab98431f10273cbdbf32. https://www.npmjs.com/package/parse-ini?activeTab=code

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.