CVE-2025-61140
Published
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.
Query and manipulate JavaScript objects with JSONPath expressions. Robust JSONPath engine for Node.js.
GitHub