ghsa-w2cq-g8g3-gm83
Vulnerability from github
Impact
A prototype pollution vulnerability exists in versions 0.5.0 and earlier, wherein if you provide a policy name called `__proto__` you can override the Object prototype.
For example:
```
const parse = require('content-security-policy-parser');

const x = parse("default-src 'self'; __proto__ foobar");
console.log('raw print:', x);
console.log('toString:', x.toString());
```
Outputs:
```
raw print: Array { 'default-src': [ "'self'" ] }
toString: foobar
```
Whilst no gadget exists in this library, other libraries may expose functionality that turns this into RCE; it is customary to label prototype pollution vulnerabilities in this way. The most common effect is denial of service, as properties can be trivially overwritten.
As the content security policy is provided in HTTP queries, it is incredibly likely that network exploitation is possible.
Patches
A patch was implemented a year ago (11 Feb 2024), but uptake of patched versions in the wild has been low: only 17% of weekly downloads are of patched versions.
Workarounds
By disabling the `__proto__` property in Node.js you can neutralise all possible prototype pollution attacks of this kind. Provide either `--disable-proto=delete` (recommended) or `--disable-proto=throw` as an argument to `node` to enable this feature.
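As an added example, not the library's own code, the snippet below reproduces the vulnerable "plain object keyed by directive name" pattern next to a Map-backed variant (the approach I assume the 0.6.0 fix took), and includes a runtime check for the `--disable-proto=delete` workaround described above:

```javascript
// Constructed sample policy using the directive name from the advisory.
const POLICY = "default-src 'self'; __proto__ foobar";

// Vulnerable pattern (assumed, modelled on the advisory's output): a plain
// object is used as a dictionary, so a directive named __proto__ reaches the
// inherited __proto__ setter and replaces the result's prototype with the
// value array. toString() then resolves through that array to "foobar".
function parseVulnerable(policy) {
  const result = {};
  for (const part of policy.split(";")) {
    const [name, ...values] = part.trim().split(/\s+/);
    if (name) result[name] = values;
  }
  return result;
}

// Hardened pattern: a Map never consults the prototype chain on set/get,
// so "__proto__" is just another string key with no side effects.
function parseSafe(policy) {
  const result = new Map();
  for (const part of policy.split(";")) {
    const [name, ...values] = part.trim().split(/\s+/);
    if (name) result.set(name, values);
  }
  return result;
}

// Workaround check: under `node --disable-proto=delete` the __proto__
// accessor is removed from Object.prototype, so the assignment above
// creates an ordinary own property instead of rewiring the prototype.
function protoAccessorDisabled() {
  return Object.getOwnPropertyDescriptor(Object.prototype, "__proto__") === undefined;
}

// Summarise what a parse did to its result object, for triage or tests.
function describe(result) {
  return {
    protoHijacked: Object.getPrototypeOf(result) !== Object.prototype,
    ownProtoKey: Object.prototype.hasOwnProperty.call(result, "__proto__"),
    toString: String(result),
  };
}

console.log("proto accessor disabled:", protoAccessorDisabled());
console.log("vulnerable:", describe(parseVulnerable(POLICY)));
console.log("safe:", parseSafe(POLICY));
```

Run the block twice, once plainly and once with `node --disable-proto=delete`, to see `protoHijacked` flip from `true` to `false`.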
References
Issue revealing the problem, January 26 2024: https://github.com/helmetjs/content-security-policy-parser/issues/11
Commit fixing the problem: https://github.com/helmetjs/content-security-policy-parser/commit/b13a52554f0168af393e3e38ed4a94e9e6aea9dc
Credit to @EvanHahn for patching the vulnerability promptly, and @pnappa (Patrick Nappa) for discovery.
Advisory metadata
ID: GHSA-w2cq-g8g3-gm83
Aliases: CVE-2025-55164
Summary: content-security-policy-parser Prototype Pollution Vulnerability May Lead to RCE
Affected package: content-security-policy-parser (npm), all versions before 0.6.0 (introduced 0, fixed 0.6.0)
CWE: CWE-1321
Severity: HIGH; CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
Published: 2025-08-12T18:07:44Z; modified: 2025-08-12T19:19:42Z; GitHub reviewed: 2025-08-12T18:07:44Z; NVD published: 2025-08-12T16:15:29Z
References:
- https://github.com/helmetjs/content-security-policy-parser/security/advisories/GHSA-w2cq-g8g3-gm83
- https://nvd.nist.gov/vuln/detail/CVE-2025-55164
- https://github.com/helmetjs/content-security-policy-parser/issues/11
- https://github.com/helmetjs/content-security-policy-parser/commit/b13a52554f0168af393e3e38ed4a94e9e6aea9dc
- https://github.com/helmetjs/content-security-policy-parser