Vulnerability Details CVE-2025-57317
apidoc-core is the core parser library to generate apidoc result following the apidoc-spec. A Prototype Pollution vulnerability in the preProcess function of apidoc-core versions thru 0.15.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.7%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-57317
-
cpe:2.3:a:apidocjs:apidoc-core:0.1.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.10.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.11.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.11.1
-
cpe:2.3:a:apidocjs:apidoc-core:0.12.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.15.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.2.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.2.1
-
cpe:2.3:a:apidocjs:apidoc-core:0.2.2
-
cpe:2.3:a:apidocjs:apidoc-core:0.3.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.3.1
-
cpe:2.3:a:apidocjs:apidoc-core:0.3.2
-
cpe:2.3:a:apidocjs:apidoc-core:0.4.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.4.1
-
cpe:2.3:a:apidocjs:apidoc-core:0.4.2
-
cpe:2.3:a:apidocjs:apidoc-core:0.5.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.5.1
-
cpe:2.3:a:apidocjs:apidoc-core:0.6.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.6.1
-
cpe:2.3:a:apidocjs:apidoc-core:0.7.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.7.1
-
cpe:2.3:a:apidocjs:apidoc-core:0.8.0
-
cpe:2.3:a:apidocjs:apidoc-core:0.8.1
-
cpe:2.3:a:apidocjs:apidoc-core:0.8.2
-
cpe:2.3:a:apidocjs:apidoc-core:0.8.3