CVE-2025-57820 Overview
CVE-2025-57820 is a prototype pollution vulnerability in Svelte devalue, a utility library used to serialize and deserialize JavaScript values. Versions prior to 5.3.2 allow a crafted string passed to devalue.parse to represent an object containing a __proto__ property. The function also fails to verify that an index is numeric. Attackers can exploit this combination to assign prototypes to objects and properties, polluting the JavaScript prototype chain. The issue is tracked under [CWE-1321] and has been fixed in devalue 5.3.2.
Critical Impact
Successful prototype pollution can alter application behavior across the runtime, enabling downstream attacks such as authentication bypass, denial of service, or remote code execution depending on how the host application consumes parsed objects.
Affected Products
- Svelte devalue versions prior to 5.3.2
- Node.js and browser applications calling devalue.parse on untrusted input
- SvelteKit applications relying on devalue for server-to-client payload deserialization
Discovery Timeline
- 2025-08-26 - CVE-2025-57820 published to NVD
- 2026-04-15 - Last updated in the NVD database
Technical Details for CVE-2025-57820
Vulnerability Analysis
The devalue library serializes JavaScript values, including cyclic and complex structures, into strings that can later be reconstructed using devalue.parse. The parser walks an index-based representation and assigns properties to reconstructed objects. Two defects converge in versions prior to 5.3.2. First, the parser does not reject keys named __proto__, allowing attacker-controlled data to overwrite an object's prototype. Second, the parser does not validate that indices used during reconstruction are numeric, which expands the surface where polluted values can be assigned.
An attacker who controls input to devalue.parse can therefore mutate Object.prototype properties seen by the entire JavaScript process. Subsequent property lookups across unrelated objects then return attacker-controlled values, breaking security assumptions in authentication checks, template rendering, and option-handling code paths.
Root Cause
The root cause is improper control of object prototype attributes [CWE-1321]. The devalue.parse routine treats __proto__ as an ordinary property key and accepts non-numeric indices, violating the safe-deserialization contract expected of a utility that consumes untrusted serialized data.
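The two defects described above (a reserved key accepted as an ordinary property, and an index that is never checked to be numeric) are easiest to see in a generic path-setter of the kind a deserializer uses when it walks keys and assigns reconstructed values. The following is an added example, not devalue's code: the unsafe form shows why an unrejected __proto__ key lands on Object.prototype, and the hardened form applies the two checks the advisory attributes to the 5.3.2 fix. The function names and the reserved-key set are this example's own choices.

```javascript
// Added example (not devalue's code): a generic path-setter, in an unsafe form
// and a hardened form. Function names and RESERVED_KEYS are this example's own.

const RESERVED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Canonical array index: "0", "1", ... with no sign, leading zero or fraction,
// and below the 2^32 - 1 array-length limit.
function isCanonicalIndex(key) {
  return /^(0|[1-9][0-9]*)$/.test(String(key)) && Number(key) < 4294967295;
}

// Unsafe: every key is treated as an ordinary property and every index as
// valid. With path ['__proto__', 'polluted'], target['__proto__'] resolves to
// Object.prototype, so the final assignment lands on the global prototype.
function setPathUnsafe(root, path, value) {
  let target = root;
  for (const key of path.slice(0, -1)) {
    if (target[key] === undefined || target[key] === null) target[key] = {};
    target = target[key];
  }
  target[path[path.length - 1]] = value;
  return root;
}

// Hardened: reserved keys are rejected, array targets accept only canonical
// numeric indices, and traversal only descends into own properties.
function setPathSafe(root, path, value) {
  let target = root;
  for (let i = 0; i < path.length; i++) {
    const key = String(path[i]);
    if (RESERVED_KEYS.has(key)) {
      throw new TypeError(`refusing reserved key "${key}"`);
    }
    if (Array.isArray(target) && !isCanonicalIndex(key)) {
      throw new TypeError(`non-numeric index "${key}" for array target`);
    }
    const descriptor = { writable: true, enumerable: true, configurable: true };
    if (i === path.length - 1) {
      // defineProperty creates an own property; it never follows a setter or
      // an inherited property the way plain assignment would.
      Object.defineProperty(target, key, { ...descriptor, value });
    } else {
      if (!Object.prototype.hasOwnProperty.call(target, key)) {
        Object.defineProperty(target, key, { ...descriptor, value: {} });
      }
      target = target[key];
    }
  }
  return root;
}

// Shows the pollution on an unrelated object, then removes the property so the
// rest of the process is left clean.
function demonstratePollution() {
  const before = ({}).polluted;
  setPathUnsafe({}, ['__proto__', 'polluted'], true);
  const after = ({}).polluted;        // true: an unrelated object now sees it
  delete Object.prototype.polluted;   // clean up
  return { before, after, cleaned: ({}).polluted };
}

console.log(demonstratePollution());
```

The point of the hardened form is that both checks run at every step of the walk, not only on the final key: a reserved name in an intermediate segment is what redirects the traversal into the prototype chain in the first place.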
Attack Vector
Exploitation requires the application to call devalue.parse on attacker-controlled input. This commonly occurs in SvelteKit form actions, API endpoints, or message channels where serialized state crosses a trust boundary. No authentication or user interaction is required when the vulnerable endpoint is exposed to the network. The vulnerability is described in detail in the GitHub Security Advisory GHSA-vj54-72f3-p5jv and the upstream fix commit.
Detection Methods for CVE-2025-57820
Indicators of Compromise
- Inbound request payloads containing the literal strings __proto__, prototype, or constructor, directed at endpoints that invoke devalue.parse.
- Application errors referencing unexpected properties on built-in objects, such as Object.prototype returning attacker-defined values.
- Anomalous changes in application behavior immediately following deserialization of external payloads.
Detection Strategies
- Inventory project dependencies and flag installations of devalue below version 5.3.2 using npm ls devalue or software composition analysis tooling.
- Add web application firewall or reverse proxy rules that inspect request bodies for __proto__ keys submitted to deserialization endpoints.
- Enable runtime application self-protection or Node.js policy checks that monitor writes to Object.prototype.
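The dependency inventory step above is the one that catches transitive copies of devalue that a lockfile may hide. The following is an added example, not the project's code: it walks the JSON that `npm ls devalue --json --all` prints and reports every copy older than the fixed release together with the path that pulls it in. It assumes npm's JSON tree has the shape `{ name, version, dependencies: { <pkg>: { version, dependencies: {...} } } }`, nested for transitive dependencies; the sample tree is constructed, not output from a real project.

```javascript
// Added example (not the project's code): audit an `npm ls devalue --json --all`
// tree for devalue copies below the fixed release. Assumed tree shape:
// { name, version, dependencies: { <pkg>: { version, dependencies } } }.

const FIXED_VERSION = '5.3.2';

// Split "5.3.1" (or "v5.3.1", "5.3.1-beta") into numeric parts; pre-release
// and build suffixes are ignored for this comparison.
function parseVersion(v) {
  const core = String(v).replace(/^[v=]/, '').split(/[-+]/)[0];
  return core.split('.').map((n) => parseInt(n, 10) || 0);
}

// Returns -1, 0 or 1 comparing major.minor.patch numerically.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// One finding per vulnerable copy, with the dependency path that pulls it in,
// so a copy bundled by another package is not missed.
function findVulnerableDevalue(tree, pkg = 'devalue', fixed = FIXED_VERSION) {
  const findings = [];
  const walk = (node, path) => {
    for (const [name, child] of Object.entries(node.dependencies || {})) {
      const childPath = [...path, `${name}@${child.version || '?'}`];
      if (name === pkg && child.version && compareVersions(child.version, fixed) < 0) {
        findings.push({ version: child.version, path: childPath.join(' > ') });
      }
      walk(child, childPath);
    }
  };
  walk(tree, [`${tree.name || 'root'}@${tree.version || '?'}`]);
  return findings;
}

// Constructed sample in npm's shape; not output from a real project.
const SAMPLE_TREE = {
  name: 'example-app',
  version: '1.0.0',
  dependencies: {
    devalue: { version: '5.3.2' },
    '@sveltejs/kit': {
      version: '2.0.0',
      dependencies: { devalue: { version: '5.1.1' } },
    },
    'some-tool': {
      version: '0.4.0',
      dependencies: { devalue: { version: '4.3.3' } },
    },
  },
};

const SAMPLE_FINDINGS = findVulnerableDevalue(SAMPLE_TREE);
console.log(SAMPLE_FINDINGS);
```

In the sample the direct dependency is already fixed, but two older copies arrive through other packages; those are the ones `npm install devalue@^5.3.2` alone does not replace unless the intermediate package's range also admits 5.3.2, which is why the upgrade has to be confirmed across transitive dependencies as the mitigation section says.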
Monitoring Recommendations
- Log all calls to devalue.parse along with input size and source IP for forensic review.
- Track dependency advisories published by the Svelte project and the GitHub Advisory Database for follow-on fixes.
- Alert on unexpected modifications to global prototypes in long-running Node.js processes.
How to Mitigate CVE-2025-57820
Immediate Actions Required
- Upgrade devalue to version 5.3.2 or later in every application and transitive dependency.
- Audit code paths that pass untrusted input to devalue.parse and reject payloads containing reserved keys before parsing.
- Rebuild and redeploy SvelteKit applications after the dependency upgrade to ensure the patched version is bundled.
Patch Information
The Svelte maintainers released devalue 5.3.2, which rejects __proto__ keys and validates that indices are numeric during parsing. Review the patch commit 0623a47 for implementation details.
Workarounds
- Validate and sanitize input before invoking devalue.parse, stripping keys named __proto__, constructor, and prototype.
- Freeze Object.prototype at application startup with Object.freeze(Object.prototype) where compatible with the runtime.
- Use Object.create(null) for objects that store user-supplied data to remove the prototype chain from sensitive lookups.
# Upgrade devalue to the patched release
npm install devalue@^5.3.2
# Verify the installed version
npm ls devalue
# Optional runtime hardening in the application entry point
node -e "Object.freeze(Object.prototype); require('./server.js')"
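The request-body inspection from the detection section and the pre-parse validation from the workaround list share one walk over the payload, so they are shown together here as an added example that is not devalue's or SvelteKit's code. It assumes the body is JSON text and that `parse` is the application's deserializer (devalue.parse in practice; the sample passes JSON.parse as a stand-in); the sample bodies are constructed, not captured traffic. It also shows the Object.create(null) store from the third workaround.

```javascript
// Added example (not devalue's or SvelteKit's code): a gate that inspects a
// serialized body before it reaches the deserializer. auditPayload records every
// reserved key with its JSON path (usable for WAF-style logging); guardedParse
// refuses to call the real parser when the audit finds anything. `parse` is
// assumed to be the app's deserializer (devalue.parse in practice).

const RESERVED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function auditPayload(text) {
  const findings = [];
  let value;
  try {
    value = JSON.parse(text);
  } catch (err) {
    // An unparseable body is rejected outright rather than passed through.
    return { ok: false, findings: [{ path: '$', reason: `not valid JSON: ${err.message}` }] };
  }
  const walk = (node, path) => {
    if (Array.isArray(node)) {
      node.forEach((item, i) => walk(item, `${path}[${i}]`));
    } else if (node !== null && typeof node === 'object') {
      // JSON.parse stores "__proto__" as an own data property, so Object.keys sees it.
      for (const key of Object.keys(node)) {
        const childPath = `${path}.${key}`;
        if (RESERVED_KEYS.has(key)) findings.push({ path: childPath, reason: 'reserved key' });
        walk(node[key], childPath);
      }
    }
  };
  walk(value, '$');
  return { ok: findings.length === 0, findings };
}

function guardedParse(text, parse) {
  const audit = auditPayload(text);
  if (!audit.ok) {
    const detail = audit.findings.map((f) => `${f.reason} at ${f.path}`).join('; ');
    const err = new Error(`rejected payload: ${detail}`);
    err.findings = audit.findings; // keep the paths for the request log
    throw err;
  }
  return parse(text);
}

// Deep-copy parsed data onto null-prototype objects so later lookups on it
// never consult Object.prototype, even if something else polluted it.
function toNullPrototype(value) {
  if (Array.isArray(value)) return value.map(toNullPrototype);
  if (value === null || typeof value !== 'object') return value;
  const out = Object.create(null);
  for (const key of Object.keys(value)) out[key] = toNullPrototype(value[key]);
  return out;
}

// Constructed sample bodies; not captured traffic.
const SAMPLE_BENIGN = '[{"name":"alice","roles":[1]},"admin"]';
const SAMPLE_SUSPECT =
  '{"user":{"__proto__":{"isAdmin":true}},"items":[{"constructor":{"prototype":{}}}]}';

console.log(auditPayload(SAMPLE_SUSPECT).findings);
```

This gate covers the reserved-key half of the problem only: the numeric-index check depends on devalue's own index-based format and is what the 5.3.2 parser adds, so the gate is a stopgap in front of the upgrade, not a substitute for it. Rejecting the body before parsing also keeps the audit findings available to log against the source IP, as the monitoring recommendations ask.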
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.