Kriszyp

**Name of the Vulnerable Software and Affected Versions** json-schema versions prior to 0.4.0 **Description** The issue is related to the improper control of modification of object prototype attributes, also known as 'Prototype Pollution'. This can occur when processing JSON files, potentially allowing a remote attacker to execute arbitrary code due to insufficient control over dynamically defined object characteristics. **Recommendations** For versions prior to 0.4.0, update to version 0.4.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of dynamically defined object characteristics until a patch is available.