Description
In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and `validate()` functions used within schema-inspector.
Remediation
References
https://snyk.io/vuln/SNYK-JS-SCHEMAINSPECTOR-536970
https://github.com/Atinux/schema-inspector/commit/345a7b2eed11bb6128421150d65f4f83fdbb737d