AIKIDO-2025-10096
jsonpath-plus is vulnerable to Remote Code Execution (RCE)
90
Critical
jsonpath-plus js
AIKIDO-2025-10096: jsonpath-plus is vulnerable to Remote Code Execution (RCE) in versions 10.2.0 - 10.2.0.
Remote Code Execution (RCE)
Vuln in 10.2.0 - 10.2.0
Fixed in 10.3.0
CVE-2024-21534
TL;DR
Who does this affect?
How can it be fixed?
Background info
Donโt be left in the dark
With in-house intel and access to top vulnerability databases, see it all with Aikido.
ยฉ 2024 Aikido Security BV | BE0792914919
๐ช๐บ Registered address: Coupure Rechts 88, 9000, Ghent, Belgium
๐ช๐บ Office address: Gebroeders van Eyckstraat 2, 9000, Ghent, Belgium
๐บ๐ธ Office address: 95 Third St, 2nd Fl, San Francisco, CA 94103, US
Any use of the intel.aikido.dev website and content is explicitly subject to Aikido Terms of Use.
The Intel vulnerability and malware feed is licensed under a dual license.