Jsonata-js Jsonata
3 CVEs affecting Jsonata-js Jsonata. Latest disclosed: 2026-07-17. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-27307 | Critical | 9.8 | 2024-03-06 | JSONata is a JSON query and transformation language. Starting in version 1.4.0 and prior to version 1.8.7 and 2.0.4, a malicious expression can use the transfo… |
CVE-2026-52746 | High | 7.5 | 2026-07-17 | JSONata is a JSON query and transformation language. Prior to 2.2.0, malicious non-matching inputs to the $toMillis function can cause superlinear backtracking… |
CVE-2026-12208 | Medium | 5.3 | 2026-06-15 | A weakness has been identified in jsonata-js jsonata up to 2.2.0. The affected element is the function createFrame of the file src/jsonata.js of the component… |