Skip to main content

Json Pattern Validator

2 CVEs product

Monthly

CVE-2020-17479 npm CRITICAL POC PATCH Act Now

jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Json Pattern Validator
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2019-19507 npm MEDIUM POC PATCH This Month

In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor':. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Json Pattern Validator
NVD GitHub
CVSS 3.1
5.3
EPSS
1.0%
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Json Pattern Validator
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor':. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Json Pattern Validator
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy