Description
Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute arbitrary code on the system by exploiting the unsafe default usage of eval='safe' mode.
Note: This is caused by an incomplete fix for CVE-2024-21534.
A flaw was found in jsonpath-plus. This vulnerability allows remote code execution (RCE) via improper input sanitization, exploiting the unsafe default usage of eval='safe' mode.
Statement
Red Hat's initial impact rating of critical has been downgraded to low. While the vulnerable code is technically still present within Red Hat products, there are no code paths in affected products which allow exploitation. As such, the impact to Red Hat products is low. Each of the products listed has multiple components where a fixed build could occur. This distinction does not matter for users, as only one build needs to be fixed for the product. Additionally, in Red Hat OpenShift AI, jsonpath-plus is a dependency of a direct dependency and is never loaded, as the direct dependency's feature that requires jsonpath-plus is not used.
Mitigation
Red Hat Product Security recommends updating the vulnerable software to the latest version.
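As an added example (not part of this advisory or of the jsonpath-plus project), the check below audits an npm lockfile for every copy of jsonpath-plus below the fixed release 10.3.0 named above, including transitive copies nested under another dependency, which is how the package reaches products like the ones listed here. The sample lockfile and the `some-plugin` package name are constructed.

```javascript
// Added example: find jsonpath-plus versions below the fixed release 10.3.0
// in an npm lockfile. Supports the v2/v3 "packages" map and the v1
// "dependencies" tree, so nested (transitive) copies are reported as well.
const FIXED = [10, 3, 0];
const PKG = 'jsonpath-plus';

// Split "major.minor.patch"; a pre-release suffix is dropped (assumption:
// pre-releases are compared by their numeric core only).
function parseVersion(v) {
  return v.split('-')[0].split('.').map(n => parseInt(n, 10) || 0);
}

function isBelowFixed(version) {
  const a = parseVersion(version);
  for (let i = 0; i < 3; i++) {
    const x = a[i] || 0;
    if (x !== FIXED[i]) return x < FIXED[i];
  }
  return false; // equal to 10.3.0
}

// Returns [{ path, version }] for each vulnerable copy in the lockfile object.
function findVulnerable(lock) {
  const hits = [];
  if (lock.packages) { // lockfileVersion 2 or 3: flat map keyed by path
    for (const [p, meta] of Object.entries(lock.packages)) {
      if (p.endsWith('node_modules/' + PKG) && meta.version && isBelowFixed(meta.version)) {
        hits.push({ path: p, version: meta.version });
      }
    }
  } else if (lock.dependencies) { // lockfileVersion 1: nested tree
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const p = prefix + 'node_modules/' + name;
        if (name === PKG && isBelowFixed(meta.version)) hits.push({ path: p, version: meta.version });
        if (meta.dependencies) walk(meta.dependencies, p + '/');
      }
    };
    walk(lock.dependencies, '');
  }
  return hits;
}

// Constructed sample: the direct copy is fixed, a nested copy under a plugin is not.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'app' },
    'node_modules/jsonpath-plus': { version: '10.3.0' },
    'node_modules/some-plugin': { version: '1.0.0' },
    'node_modules/some-plugin/node_modules/jsonpath-plus': { version: '10.2.0' },
  },
};
console.log(findVulnerable(SAMPLE_LOCK)); // reports only the nested 10.2.0 copy
```

Run it against `JSON.parse(fs.readFileSync('package-lock.json'))` to audit a real project; an empty result means no copy below 10.3.0 is pinned.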
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| OpenShift Serverless | kn-backstage-plugins-eventmesh-rhel8 | Not affected | | |
| Red Hat OpenShift AI (RHOAI) | odh-dashboard-container | Not affected | | |
| Red Hat OpenShift AI (RHOAI) | odh-operator-container | Not affected | | |
| Red Hat OpenShift Dev Spaces | devspaces/code-rhel8 | Fix deferred | | |
| Red Hat OpenShift Dev Spaces | devspaces/dashboard-rhel8 | Fix deferred | | |
Additional information
CVSS3: 9.8 Critical
Related vulnerabilities
Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute arbitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. **Note:** This is caused by an incomplete fix for [CVE-2024-21534](https://security.snyk.io/vuln/SNYK-JS-JSONPATHPLUS-7945884).