Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the usage of JSON.load, which is considered unsafe when used with untrusted input. Remediation Upgrade jmespath to version 1.6.1 or higher. References - GitHub Commit - GitHub PR...