SNYK-JS-JSONPATHPLUS-8719585 PUBLISHED CVSS 9.3 CRITICAL

## Overview

[jsonpath-plus](https://www.npmjs.org/package/jsonpath-plus) is a JS implementation of JSONPath with some additional operators.

Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute arbitrary code on the system by exploiting the unsafe default usage of `eval='safe'` mode.

**Note:** This is caused by an incomplete fix for [CVE-2024-21534](https://security.snyk.io/vuln/SNYK-JS-JSONPATHPLUS-7945884).

## Remediation

Upgrade `jsonpath-plus` to version 10.3.0 or higher.

## References

- [GitHub Commit](https://github.com/JSONPath-Plus/JSONPath/commit/30942896d27cb8a806b965a5ca9ef9f686be24ee)
- [GitHub Gist](https://gist.github.com/nickcopi/11ba3cb4fdee6f89e02e6afae8db6456)
- [Vulnerable Code](https://github.com/JSONPath-Plus/JSONPath/blob/8e4acf8aff5f446aa66323e12394ac5615c3b260/src/Safe-Script.js#L127)
- [PoC in GitHub](https://github.com/EQSTLab/CVE-2025-1302)
- [Nuclei Templates](https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-1302.yaml)
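The remediation above is a version floor, and the copy of `jsonpath-plus` that matters is often a nested one pulled in by another dependency rather than the one a project declares directly. The following Node script, an added example that is not part of the Snyk advisory or of the jsonpath-plus project, walks an npm lockfile (lockfileVersion 2/3 `packages` map) and reports every `jsonpath-plus` entry below the fixed release 10.3.0. The lockfile contents and the package name `some-lib` are constructed sample data; only the fixed version and advisory id come from the page.

```javascript
// Added example (not from the advisory or the jsonpath-plus project): audit an
// npm lockfile for jsonpath-plus versions below the fixed release 10.3.0.
// FIXED_VERSION is taken from the advisory's Remediation section; the lockfile
// further down is constructed sample data, not a real project's lockfile.
const FIXED_VERSION = '10.3.0';
const PACKAGE = 'jsonpath-plus';
const ADVISORY = 'SNYK-JS-JSONPATHPLUS-8719585';

// Parse "major.minor.patch" (a leading "v" and any prerelease/build suffix are
// ignored) into three numbers; anything else is rejected rather than guessed.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  if (!m) throw new Error(`unparseable version: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

// Comparator: negative if a < b, zero if equal, positive if a > b.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] - pb[i];
  }
  return 0;
}

// The advisory marks everything before 10.3.0 as affected.
function isVulnerable(version) {
  return compareVersions(version, FIXED_VERSION) < 0;
}

// Keys in the "packages" map look like "node_modules/jsonpath-plus" for a
// hoisted copy or "node_modules/<dep>/node_modules/jsonpath-plus" for a nested
// one, so both forms are matched and each copy is reported separately.
function findVulnerableEntries(lockfile) {
  const findings = [];
  const suffix = `node_modules/${PACKAGE}`;
  for (const [path, entry] of Object.entries(lockfile.packages || {})) {
    const isTarget = path === suffix || path.endsWith(`/${suffix}`);
    if (isTarget && entry.version && isVulnerable(entry.version)) {
      findings.push({ path, version: entry.version });
    }
  }
  return findings;
}

// Constructed sample lockfile: the direct dependency is already on the fixed
// version, but "some-lib" (a made-up package) still carries a nested 10.2.0.
const SAMPLE_LOCKFILE = {
  name: 'sample-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'sample-app', dependencies: { 'jsonpath-plus': '^10.3.0', 'some-lib': '1.0.0' } },
    'node_modules/jsonpath-plus': { version: '10.3.0' },
    'node_modules/some-lib': { version: '1.0.0', dependencies: { 'jsonpath-plus': '^10.2.0' } },
    'node_modules/some-lib/node_modules/jsonpath-plus': { version: '10.2.0' },
  },
};

// Print each affected copy and return the count so callers can fail a build on it.
function auditLockfile(lockfile) {
  const findings = findVulnerableEntries(lockfile);
  for (const f of findings) {
    console.log(`${f.path}: ${f.version} < ${FIXED_VERSION} (affected by ${ADVISORY})`);
  }
  return findings.length;
}

auditLockfile(SAMPLE_LOCKFILE);
```

To run it against a real project, replace `SAMPLE_LOCKFILE` with `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))`; a non-zero return from `auditLockfile` is the signal to add an `overrides` entry or bump the offending dependency so that every copy reaches 10.3.0.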

Risk Scores

CVSS v3.1
9.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P
