{"uuid": "dfa2433a-929c-4e97-9b3d-6dd020dc1787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1302", "type": "seen", "source": "https://t.me/cvedetector/18161", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1302 - Jsonpath-Plus Remote Code Execution (RCE)\", \n  \"Content\": \"CVE ID : CVE-2025-1302 \nPublished : Feb. 15, 2025, 5:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode.  \n  \n**Note:**  \n  \nThis is caused by an incomplete fix for [CVE-2024-21534](). \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-15T08:30:33.000000Z"}