{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-13204","assignerOrgId":"37e5125f-f79b-445b-8fad-9564f167944b","state":"PUBLISHED","assignerShortName":"certcc","dateReserved":"2025-11-14T16:52:35.957Z","datePublished":"2025-11-14T17:02:39.529Z","dateUpdated":"2025-11-14T20:41:22.990Z"},"containers":{"cna":{"title":"CVE-2025-13204","descriptions":[{"lang":"en","value":"npm package `expr-eval` is vulnerable to Prototype Pollution. An attacker with access to express eval interface can use JavaScript prototype-based inheritance model to achieve arbitrary code execution. The npm expr-eval-fork package resolves this issue."}],"source":{"discovery":"EXTERNAL"},"affected":[{"vendor":"silentmatt","product":"expr-eval","versions":[{"status":"affected","version":"0","lessThanOrEqual":"2.0.2","versionType":"custom"}]}],"problemTypes":[{"descriptions":[{"lang":"en","description":"CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')"}]}],"references":[{"url":"https://www.npmjs.com/package/expr-eval-fork"},{"url":"https://github.com/silentmatt/expr-eval"},{"url":"https://github.com/jorenbroekema/expr-eval"},{"url":"https://www.huntr.dev/bounties/1-npm-expr-eval/","tags":["third-party-advisory"]},{"url":"https://github.com/SECCON/SECCON2022_final_CTF/blob/main/jeopardy/web/babybox/solver/solver.py"},{"url":"https://github.com/silentmatt/expr-eval/pull/252/files","tags":["patch"]},{"url":"https://github.com/vladko312/extras/blob/f549d505af300fd74a01b46fab2102990ff1c14d/expr-eval.py","tags":["exploit"]}],"x_generator":{"engine":"VINCE 3.0.28","env":"prod","origin":"https://cveawg.mitre.org/api/cve/CVE-2025-13204"},"metrics":[{"other":{"type":"ssvcV2_0_0","content":{"timestamp":"2025-11-07T15:47:01.238Z","schemaVersion":"2.0.0","selections":[{"values":[{"key":"P","name":"Public PoC"}],"name":"Exploitation","version":"1.1.0","namespace":"ssvc","definition":"The present state of exploitation of the vulnerability.","key":"E"},{"values":[{"key":"Y","name":"Yes"}],"name":"Automatable","version":"2.0.0","namespace":"ssvc","definition":"Can an attacker reliably automate creating exploitation events for this vulnerability?","key":"A"},{"values":[{"key":"T","name":"Total"}],"name":"Technical Impact","version":"1.0.0","namespace":"ssvc","definition":"The technical impact of the vulnerability.","key":"TI"}]}}}],"providerMetadata":{"orgId":"37e5125f-f79b-445b-8fad-9564f167944b","shortName":"certcc","dateUpdated":"2025-11-14T20:20:20.104Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-1321","lang":"en","description":"CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.3,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","integrityImpact":"LOW","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"LOW","privilegesRequired":"NONE","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-11-14T20:36:54.382508Z","id":"CVE-2025-13204","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-11-14T20:41:22.990Z"}}]}}