First published: Mon Jun 06 2022(Updated: )
jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Jmespath Project Jmespath | <1.6.1 | |
Fedoraproject Fedora | =35 | |
Fedoraproject Fedora | =36 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.