3 matches found
ROOT-APP-COMPOSER-CVE-2026-54133 CVE-2026-54133 in mtdowling/jmespath.php - Patched by Root
Root has patched CVE-2026-54133 in the mtdowling/jmespath.php package for Root:Composer. Multiple fixed versions available...
CVE-2026-54133
Technical details (affected versions, impact specifics, and remediation) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-54133 jmespath.php has CompilerRuntime code injection via unescaped function names
jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP applications with PHP data structures. Versions prior to 2.9.1 can generate and execute attacker-controlled PHP code when JmesPath\CompilerRuntime is used with an...