CVE-2022-46175HIGHCVSS 7.1fixed in node-json5 2.2.3+dfsg-1 (bookworm)2022
CVE-2022-46175 [HIGH] CVE-2022-46175: node-json5 - JSON5 is an extension to the popular JSON file format that aims to be easier to ...
JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vuln
debian