CVE-2025-57319

CVE: https://github.com/advisories/GHSA-ffrw-9mx8-89p8

```
pino  5.0.0-rc.1 - 9.11.0
  Depends on vulnerable versions of fast-redact
  node_modules/pino
    @stoplight/prism-cli  *
    Depends on vulnerable versions of @stoplight/prism-core
    Depends on vulnerable versions of @stoplight/prism-http
    Depends on vulnerable versions of @stoplight/prism-http-server
    Depends on vulnerable versions of pino
    node_modules/@stoplight/prism-cli
    @stoplight/prism-core  >=3.0.0-alpha.0
    Depends on vulnerable versions of pino
    node_modules/@stoplight/prism-core
      @stoplight/prism-http  0.0.1 || >=3.0.0-alpha.0
      Depends on vulnerable versions of @stoplight/prism-core
      Depends on vulnerable versions of pino
      node_modules/@stoplight/prism-http
        @stoplight/prism-http-server  *
        Depends on vulnerable versions of @stoplight/prism-core
        Depends on vulnerable versions of @stoplight/prism-http
        node_modules/@stoplight/prism-http-server
```

Please update `pino` to versions > `9.11.0` to fix this CVE

## Environment


- Version used: 5.14.2
- Environment name and version (e.g. Chrome 39, node.js 5.4): Node v22.19.0
- Operating System and version (desktop or mobile): macOS

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVE-2025-57319 #2716

Environment

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CVE-2025-57319 #2716

Description

Environment

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions