javascript icon indicating copy to clipboard operation
javascript copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-client

Fix CVE in jsonpath-plus (again)

Open soniqua opened this issue 4 months ago • 3 comments

Describe the bug The jsonpath-plus dependency contains a critical CVE, even after upgrading to 10.0.0: CVE-2024-21534

The library has been fixed as of version 10.0.7 or higher.

There's an open dependabot PR for resolution.

** Client Version ** 0.22.1

Environment (please complete the following information):

  • NodeJS Client

Additional context

  • Previous fix: https://github.com/kubernetes-client/javascript/issues/1926

soniqua avatar Oct 21 '24 08:10 soniqua