CVE-2025-61140 - Vulnerability Details - OpenCVE

The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dchester	Jsonpath

No data.

No data.

References

Link	Providers
https://gist.github.com/Dremig/8105c189774217222a8ebea3ed4d341d
https://github.com/dchester/jsonpath
https://nvd.nist.gov/vuln/detail/CVE-2025-61140
https://www.cve.org/CVERecord?id=CVE-2025-61140

History

Thu, 29 Jan 2026 10:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Dchester Dchester jsonpath
Vendors & Products		Dchester Dchester jsonpath

Thu, 29 Jan 2026 00:15:00 +0000

Type	Values Removed	Values Added
Title		jsonpath: jsonpath: Prototype Pollution vulnerability in the value function
Weaknesses		CWE-502
References		https://nvd.nist.gov/vuln/detail/CVE-2025-61140 https://www.cve.org/CVERecord?id=CVE-2025-61140
Metrics	threat_severity `None`	cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Wed, 28 Jan 2026 16:15:00 +0000

Type	Values Removed	Values Added
Description		The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.
References		https://gist.github.com/Dremig/8105c189774217222a8ebea3ed4d341d https://github.com/dchester/jsonpath

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-01-28T00:00:00.000Z

Updated: 2026-01-28T15:55:42.516Z

Reserved: 2025-09-26T00:00:00.000Z

Link: CVE-2025-61140

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-28T16:16:13.547

Modified: 2026-01-28T16:16:13.547

Link: CVE-2025-61140

Redhat

Severity : Important

Publid Date: 2026-01-28T00:00:00Z

Links: CVE-2025-61140 - Bugzilla

{"bugzilla": {"description": "jsonpath: jsonpath: Prototype Pollution vulnerability in the value function", "id": "2433946", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433946"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-502", "details": ["A flaw was found in jsonpath. The `value` function is vulnerable to Prototype Pollution, a type of vulnerability that allows an attacker to inject or modify properties of an object's prototype. This can lead to various impacts, including arbitrary code execution, privilege escalation, or denial of service (DoS)."], "name": "CVE-2025-61140", "package_state": [{"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Affected", "package_name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Affected", "package_name": "mtv-candidate/mtv-console-plugin-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-api-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-db-migration-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-ui-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Affected", "package_name": "ansible-automation-platform-24/lightspeed-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Affected", "package_name": "ansible-automation-platform-25/lightspeed-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Affected", "package_name": "ansible-automation-platform-26/lightspeed-rhel9", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Affected", "package_name": "ansible-on-clouds/aoc-azure-aap-installer-rhel9", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Affected", "package_name": "rhdh/rhdh-hub-rhel9", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Affected", "package_name": "rhelai3/bootc-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Affected", "package_name": "rhelai3/disk-image-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Affected", "package_name": "io.hawt-hawtio-online", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-kf-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:ansible_portal:2", "fix_state": "Affected", "package_name": "ansible-automation-platform/automation-portal", "product_name": "Self-service automation portal 2"}], "public_date": "2026-01-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-61140\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-61140\nhttps://gist.github.com/Dremig/8105c189774217222a8ebea3ed4d341d\nhttps://github.com/dchester/jsonpath"], "threat_severity": "Important"}