Lucene search

K

Ultrajson Security Vulnerabilities

cve
cve

CVE-2022-31116

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides...

7.5CVSS

7.3AI Score

0.002EPSS

2022-07-05 06:15 PM
80
8
cve
cve

CVE-2022-31117

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is...

5.9CVSS

6.3AI Score

0.002EPSS

2022-07-05 06:15 PM
88
8
cve
cve

CVE-2021-45958

UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of...

5.5CVSS

5.8AI Score

0.001EPSS

2022-01-01 12:15 AM
107
2