Lucene search
K

Deserialization of Untrusted Data

🗓️ 07 Jun 2022 11:51:25Reported by Snyk Security DatabaseType 
snyk
 snyk
🔗 security.snyk.io👁 2 Views

Deserialization of untrusted data in jmespath due to unsafe JSON.load; upgrade to 1.6.1 or higher.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2022-32511
6 Jun 202222:15
attackerkb
Circl
CVE-2022-32511
7 Jun 202202:30
circl
CNNVD
jmespath.rb 安全漏洞
6 Jun 202200:00
cnnvd
CVE
CVE-2022-32511
6 Jun 202221:55
cve
Cvelist
CVE-2022-32511
6 Jun 202221:55
cvelist
Debian CVE
CVE-2022-32511
6 Jun 202221:55
debiancve
EUVD
EUVD-2022-5934
3 Oct 202520:07
euvd
Fedora
[SECURITY] Fedora 36 Update: rubygem-jmespath-1.6.1-1.fc36
17 Jun 202201:15
fedora
Fedora
[SECURITY] Fedora 35 Update: rubygem-jmespath-1.6.1-1.fc35
17 Jun 202201:19
fedora
Github Security Blog
JMESPath for Ruby uses unsafe JSON.load when safe JSON.parse is preferable
7 Jun 202200:00
github
Rows per page
Vulners
Node
jmespathjmespathRange<1.6.1

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

11 Mar 2024 09:49Current
6.9Medium risk
Vulners AI Score6.9
CVSS 3.19.8
CVSS 27.5
EPSS0.02131
2