herbdool
commented
4 years ago I've added a commit in a branch https://github.com/backdrop-contrib/feeds_jsonpath_parser/commit/7de7c78b782afc069c1b9cfa7c6c067e53f6f1ae. I might just merge it. Since usage is really low, we can err on side of getting security fix in first and then fix issues later.
-- PS I'm part of Bug Squad.
See https://www.drupal.org/sa-contrib-2019-083. It's an arbitrary code execution bug.