JSONPath vulnerable to Prototype Pollution due to insufficient input validation of object keys in lib/index.js
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.
Advisories for Npm/Jsonpath package
2026
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.