npm package
json-pointer
pkg:npm/json-pointer
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-4742 | — | < 0.6.2 | 0.6.2 | Dec 26, 2022 | A vulnerability, which was classified as critical, has been found in json-pointer up to 0.6.1. Affected by this issue is the function set of the file index.js. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The | ||
| CVE-2021-23820 | — | < 0.6.2 | 0.6.2 | Nov 3, 2021 | This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays. | ||
| CVE-2020-7709 | — | < 0.6.1 | 0.6.1 | Oct 5, 2020 | This affects the package json-pointer before 0.6.1. Multiple reference of object using slash is supported. |
- CVE-2022-4742Dec 26, 2022affected < 0.6.2fixed 0.6.2
A vulnerability, which was classified as critical, has been found in json-pointer up to 0.6.1. Affected by this issue is the function set of the file index.js. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The
- CVE-2021-23820Nov 3, 2021affected < 0.6.2fixed 0.6.2
This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays.
- CVE-2020-7709Oct 5, 2020affected < 0.6.1fixed 0.6.1
This affects the package json-pointer before 0.6.1. Multiple reference of object using slash is supported.