jsonpointer 安全漏洞

jsonpointer is an open source package for simple JSON addressing. jsonpointer suffers from a security vulnerability that stems from improper design or implementation during the development of code for a web-based system or product. No details of the vulnerability are currently available...

Prototype Pollution

Overview jsonpointer is a Simple JSON Addressing. Affected versions of this package are vulnerable to Prototype Pollution. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays. PoC const jsonpointer = require'jsonpointer'...

Prototype Pollution

Overview jsonpointer is a Simple JSON Addressing. Affected versions of this package are vulnerable to Prototype Pollution via the set function. POC by NerdJS const jsonpointer = require'jsonpointer'; jsonpointer.set, '/proto/polluted', true; console.logpolluted; Details Prototype Pollution is a...

@supermodel/cli (>=0.45.0 <=0.48.1), @supermodel/lib (>=0.4.4 <=0.5.0) +1 more potentially affected by unknown CVE via jsonpointer (=4.0.1)

jsonpointer NPM version =4.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on jsonpointer and may be impacted: - @supermodel/cli =0.45.0, =0.4.4, =0.0.3, =0.0.9 Source cves: unknown CVE Source advisory: SNYK:JS-JSONPOINTER-598804...