CNNVD-202601-4748 Information

CNNVD ID

CNNVD-202601-4748

Related CVE

CVE-2025-61140

• CNNVD Published: 2026-01-28

Description (Chinese)

jsonpath是David Chester个人开发者的一个JSONPath引擎。 jsonpath 1.1.1版本存在安全漏洞，该漏洞源于value函数存在原型污染。

Description (English)

Jsonpath is a JSONPath engine for David Chester’s personal developer. Version 1.1.1 of jsonpath contains a security loophole resulting from the presence of prototype contamination in the value function.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-28

Last Modified

2026-02-24

References

https://gist.github.com/Dremig/8105c189774217222a8ebea3ed4d341d https://github.com/dchester/jsonpath

Patch

https://github.com/dchester/jsonpath/tags