58 matches found
Arbitrary Command Execution
jmespath is vulnerable to arbitrary command execution. An attacker is able to inject and execute arbitrary commands due to the unsafe usage of JSON.load where JSON.parse is preferable...
GHSA-5C5F-7VFQ-3732 JMESPath for Ruby uses unsafe JSON.load when safe JSON.parse is preferable
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
JMESPath for Ruby uses unsafe JSON.load when safe JSON.parse is preferable
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
JMESPath for Ruby using JSON.load instead of JSON.parse
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
CVE-2022-32511
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
CVE-2022-32511
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
DEBIAN-CVE-2022-32511
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
UBUNTU-CVE-2022-32511
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
CVE-2022-32511
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
CVE-2022-32511
jmespath.rb aka JMESPath for Ruby before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable...
CVE-2022-32511
CVE-2022-32511 affects the Ruby gem jmespath.rb (JMESPath for Ruby)
jmespath.rb 安全漏洞
jmespath.rb is the Ruby implementation of JMESPath. A security vulnerability exists in jmespath.rb versions prior to 1.6.1. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...
new packages: python-jmespath
An update is available for python-jmespath. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
Mageia: Security Advisory (MGASA-2019-0234)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-RU-2019:2505-1 Recommended update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner
This update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner fixes the following issues: python-pip was updated to 10.0.1...
Updated ansible packages fix security vulnerability
Updated ansible package fixes security vulnerability: A flaw was discovered in the way Ansible templating was implemented before version 2.7.12, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the...
MGASA-2019-0234 Updated ansible packages fix security vulnerability
Updated ansible package fixes security vulnerability: A flaw was discovered in the way Ansible templating was implemented before version 2.7.12, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the...
Moderate: Red Hat Security Advisory: ansible security, bug fix, and enhancement update
An update for ansible is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...