/

Directory Security Advisories

Security Advisories

CVE-2022-32511

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-32511

CGA ID

CGA-jp9p-3rpx-m6mr

Severity

9.8

Critical

CVSS V3

Description

jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable.

References

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

© 2024 Chainguard. All Rights Reserved.

Product

Chainguard Images

Why Chainguard

Container Image Security Vulnerability Remediation Compliance and Risk Mitigation Software Supply Chain Security AI/ML Security

Customers

Customer Stories Chainguard Love

Company

About Us Pricing Open Source Careers Newsroom Legal

Resources

Unchained Blog Events Trust Center Documentation