VYPR

npm package

csvtojson

pkg:npm/csvtojson

Vulnerabilities (1)

  • CVE-2025-57350Sep 24, 2025
    affected < 2.0.13fixed 2.0.13

    The csvtojson package, a tool for converting CSV data to JSON with customizable parsing capabilities, contains a prototype pollution vulnerability in versions prior to 2.0.10. This issue arises due to insufficient sanitization of nested header names during the parsing process in