![[devalue] devalue `uneval`ed code can create objects with polluted prototypes when `eval`ed](/assets/images/github_com_1771583667038.png)
Security Advisories์ถ์ฒ: GitHub Security Advisories์กฐํ์ 5
[devalue] devalue `uneval`ed code can create objects with polluted prototypes when `eval`ed
By GitHub2026๋
2์ 20์ผ
**[devalue] devalue `uneval`ed code can create objects with polluted prototypes when `eval`ed**
Under certain circumstances, unevaling untrusted data can produce output code that will create objects with polluted prototypes when later evaled, meaning the output data can be a different shape from the input data. References https://github.com/sveltejs/devalue/security/advisories/GHSA-8qm3-746x-r74r https://github.com/sveltejs/devalue/commit/0f04d4d678eac39ad5d7a07d1956275d7874e81c https://github.com/sveltejs/devalue/releases/tag/v5.6.3 https://github.com/advisories/GHSA-8qm3-746x-r74r
---
**[devsupporter ํด์ค]**
์ด ๊ธฐ์ฌ๋ GitHub Security Advisories์์ ์ ๊ณตํ๋ ์ต์ ๊ฐ๋ฐ ๋ํฅ์ ๋๋ค. ๊ด๋ จ ๋๊ตฌ๋ ๊ธฐ์ ์ ๋ํด ๋ ์์๋ณด์๋ ค๋ฉด ์๋ณธ ๋งํฌ๋ฅผ ์ฐธ๊ณ ํ์ธ์.
Under certain circumstances, unevaling untrusted data can produce output code that will create objects with polluted prototypes when later evaled, meaning the output data can be a different shape from the input data. References https://github.com/sveltejs/devalue/security/advisories/GHSA-8qm3-746x-r74r https://github.com/sveltejs/devalue/commit/0f04d4d678eac39ad5d7a07d1956275d7874e81c https://github.com/sveltejs/devalue/releases/tag/v5.6.3 https://github.com/advisories/GHSA-8qm3-746x-r74r
---
**[devsupporter ํด์ค]**
์ด ๊ธฐ์ฌ๋ GitHub Security Advisories์์ ์ ๊ณตํ๋ ์ต์ ๊ฐ๋ฐ ๋ํฅ์ ๋๋ค. ๊ด๋ จ ๋๊ตฌ๋ ๊ธฐ์ ์ ๋ํด ๋ ์์๋ณด์๋ ค๋ฉด ์๋ณธ ๋งํฌ๋ฅผ ์ฐธ๊ณ ํ์ธ์.