CVE-2025-3982

216.73.217.22

· Published 27/04/2025 19:15 · Modified 27/04/2025 19:15

Labels: CVE-2025-3982 2025-04-27 CVE-2025-3982 CWE-94 [email protected]

Essential information

Published: 27/04/2025 19:15
Modified: 27/04/2025 19:15
Author: —
Creator: —
CVSS: 5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0. Affected is the function SvSetPropNodeMK2 of the file sverchok/nodes/object_nodes/getsetprop_mk2.py of the component Set Property Mk2 Node. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
nortikin / sverchok	`cpe:2.3:a:nortikin:sverchok:1.3.0:::::::*`