Lucene search
K

4 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/11/19 12:0 a.m.31 views

VulnCheck KEV: CVE-2025-1302

Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. Note: This is caused by an incomplete fix for...

9.8CVSS6AI score0.10701EPSS
In wildExploits8References73
Vulnrichment
Vulnrichment
added 2025/02/15 5:0 a.m.9 views

CVE-2025-1302

Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. Note: This is caused by an incomplete fix for...

9.8CVSS10AI score0.10701EPSS
Exploits5References4
Snyk
Snyk
added 2025/01/10 1:6 a.m.4 views

Remote Code Execution (RCE)

Overview org.webjars.npm:jsonpath-plus is an A JS implementation of JSONPath with some additional operators Affected versions of this package are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the...

9.8CVSS7.8AI score0.10701EPSS
Exploits8References2
Snyk
Snyk
added 2025/01/10 1:6 a.m.6 views

Remote Code Execution (RCE)

Overview jsonpath-plus is an A JS implementation of JSONPath with some additional operators Affected versions of this package are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usag...

9.8CVSS7.8AI score0.10701EPSS
Exploits5References2
Rows per page
Query Builder