npm package
jsonata
pkg:npm/jsonata
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-27307 | — | >= 1.4.0, < 1.8.7 | 1.8.7 | Mar 6, 2024 | JSONata is a JSON query and transformation language. Starting in version 1.4.0 and prior to version 1.8.7 and 2.0.4, a malicious expression can use the transform operator to override properties on the `Object` constructor and prototype. This may lead to denial of service, remote |
- CVE-2024-27307Mar 6, 2024affected >= 1.4.0, < 1.8.7fixed 1.8.7
JSONata is a JSON query and transformation language. Starting in version 1.4.0 and prior to version 1.8.7 and 2.0.4, a malicious expression can use the transform operator to override properties on the `Object` constructor and prototype. This may lead to denial of service, remote