Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2021-23807

🗓️ 03 Nov 2021 17:20:29Reported by snykType 
cve
 cve🔗 web.nvd.nist.gov👁 287 Views

CVE-2021-23807 affects package jsonpointer before 5.0.0. Type confusion vulnerability leading to bypass of previous Prototype Pollution fix.

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: A security vulnerability in Node.js jsonpointer module affects IBM Cloud Automation Manager
3 Dec 202116:48
ibm
IBM Security Bulletins		Security Bulletin: IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vulnerable to multiple vulnerabilities
12 Dec 202317:28
ibm
IBM Security Bulletins		Security Bulletin: IBM Cognos Analytics is affected but not classified as vulnerable to vulnerabilities in multiple Open Source Software (OSS) components
5 Feb 202418:40
ibm
IBM Security Bulletins		Security Bulletin: IBM App Connect Enterprise Certified Container may be affected by CVE-2021-23807
6 Jan 202209:52
ibm
IBM Security Bulletins		Security Bulletin: A security vulnerability in Node.js jsonpointer affects IBM Cloud Pak for Multicloud Management Managed Services
21 Oct 202217:04
ibm
Chainguard		CVE-2021-23807 vulnerabilities
21 Mar 202522:12
cgr
Circl		CVE-2021-23807
3 Nov 202121:23
circl
CNNVD		jsonpointer 安全漏洞
3 Nov 202100:00
cnnvd
CNVD		jsonpointer type obfuscation vulnerability
8 Nov 202100:00
cnvd
Cvelist		CVE-2021-23807 Prototype Pollution
3 Nov 202117:20
cvelist
Rows per page
NVD
Node
janljsonpointerRange<5.0.0node.js
[
  {
    "product": "jsonpointer",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "5.0.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 Mar 2025 16:24Current
7.2High risk
Vulners AI Score7.2
CVSS 27.5
CVSS 3.15.6 - 9.8
EPSS0.00171
CWE-843
cve202123807packagejsonpointertype confusionvulnerabilitybypassprototype pollution fix
287