DevGuard Logo

/Badge API Programm ZenDiS
Group
/Badge API Documentation
Repository

Overview
Compliance
Code Risks
Dependency Risks
Dependencies

CVE-2025-32014

estree-util-value-to-estree converts a JavaScript value to an ESTree expression. When generating an ESTree from a value with a property named __proto__, valueToEstree would generate an object that specifies a prototype instead. This vulnerability is fixed in 3.3.3.

Open
NONE (0.0)
  • logo

    System detected CVE-2025-32014

    main
  • logo

    System removed scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning

    main
  • logo

    System removed scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning

    main

Add a comment

Mark as False Positive
Last calculated at:

Affected component

Logo von npm estree-util-value-to-estree

Installed version:
3.2.1
Fixed in:
3.3.3
Show in dependency graph

Quick Fix

Update all Dependencies
Update only estree-util-value-to-estree
GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 667098114b5ef45c7830e7aa599604fa65eb818f