CVE-2020-17479

CVE-2020-17479

EPSS 2.5%

jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://blog.sonatype.com/cve-2020-17479 https://github.com/manvel-khnkoyan/jpv/commit/e3eec1215caa8d5c560f5e88d0943422831927d6 https://github.com/manvel-khnkoyan/jpv/issues/10 https://www.npmjs.com/package/jpv