CVE-2020-17479

CVE-2020-17479

EPSS 2.5%

jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://blog.sonatype.com/cve-2020-17479 https://github.com/manvel-khnkoyan/jpv/commit/e3eec1215caa8d5c560f5e88d0943422831927d6 https://github.com/manvel-khnkoyan/jpv/issues/10 https://www.npmjs.com/package/jpv