Json Pattern Validator@* Security Vulnerabilities and Issues — Json Pattern Validator@* CVE List

Lucene search

Json Pattern Validator ProjectJson Pattern Validator*

2 matches found

CVE•added 2020/08/10 8:15 p.m.•47 views

CVE-2020-17479

jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array.

9.8CVSS9.4AI score0.00633EPSS

CVE•added 2019/12/02 5:15 p.m.•42 views

CVE-2019-19507

In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'name':'Array'}. This affects validate(). Hence, a crafted payload can overwrite this builtin attribute...

5.3CVSS5AI score0.00249EPSS