A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle()
, parse()
, resolve()
, dereference()
functions.
CPE | Name | Operator | Version |
---|---|---|---|
@apidevtools/json-schema-ref-parser | ge | 11.0.0 | |
@apidevtools/json-schema-ref-parser | lt | 11.2.0 |