0.001 Low
EPSS
Percentile
45.5%
jpv is vulnerable to prototype pollution. Insufficient validation of JSON input allows the bypass of the validation logics of jpv. The built-in constructor can be overwritten to manipulate the type detection result.
github.com/manvel-khnkoyan/jpv/issues/6
www.npmjs.com/package/jpv