npm package
@apidevtools/json-schema-ref-parser
pkg:npm/%40apidevtools/json-schema-ref-parser
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-29651 | Hig | 8.1 | >= 11.0.0, < 11.2.0 | 11.2.0 | May 20, 2024 | A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle()`, `parse()`, `resolve()`, `dereference() functions. |
- affected >= 11.0.0, < 11.2.0fixed 11.2.0
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle()`, `parse()`, `resolve()`, `dereference() functions.