Skip to main content

Jmespath

1 CVEs product

Monthly

CVE-2022-32511 Ruby CRITICAL PATCH GHSA Act Now

jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jmespath Fedora
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.1%
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jmespath Fedora
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy