CVE-2021-23509
CVE-2021-23509 affects the json-ptr package prior to 3.0.0. The vulnerability is described as a type confusion in the pointer parameter that can be triggered by user-provided keys, potentially enabling a bypass of CVE-2020-7766 when those keys are arrays. Related advisories (GHSA, OSV, NVD entrie...
CVE-2020-7766
The CVE-2020-7766 issue affects the json-ptr package and is triggered in the set operation when the force flag is true. The vulnerable path recursively sets properties on the target object but does not adequately validate the key, enabling prototype pollution. Affected versions are before 3.0.0, ...