cvedb.io
CVE-2022-25948
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2022-12-22T05:15:10.487 · Last modified 2026-06-17T04:34:31.390

Summary

The package liquidjs before 10.0.0 are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype. Workaround For versions 9.34.0 and higher, an option to disable this functionality is provided.

Affected products

liquidjs — liquidjs

Does this affect you?

Add your gear to cvedb and we'll alert you only when liquidjs ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.