23 matches found
CVE-2024-21907
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an...
Exploit for Incorrect Privilege Assignment in Litespeedtech Litespeed_Cache
LiteSpeed Cache Privilege Escalation PoC - CVE-2024-28000...
Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, libcurl, Apache Xerces C++ XML parser, and Newtonsoft.Json may affect IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V
Summary IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V can be affected by security flaws in IBM WebSphere Application Server Liberty, libcurl, Apache Xerces C++ XML parser, and Newtonsoft.Json. The flaws can lead to server-side request forgery, bypass of security...
ADOKit - Azure DevOps Services Attack Toolkit
Azure DevOps Services Attack Toolkit - ADOKit is a toolkit that can be used to attack Azure DevOps Services by taking advantage of the available REST API. The tool allows the user to specify an attack module, along with specifying valid credentials (API key or stolen authentication cookie) for the...
Security Bulletin: Vulnerability of Newtonsoft.Json-12.0.1.22727.dll has affected to .NET Agent
Summary .NET Agent is vulnerable to Newtonsoft.Json 12.0.1.22727.dll. This fix has upgraded Newtonsoft.Json from Newtonsoft.Json-12.0.1.22727.dll to Newtonsoft.Json.13.0.3 Vulnerability Details IBM X-Force ID: 234366 DESCRIPTION: Newtonsoft.Json is vulnerable to a denial of service, caused by...
Duplicate Advisory: Improper Handling of Exceptional Conditions in Newtonsoft.Json
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5crp-9r3c-p9vr. This link is maintained to preserve external references. Original Description Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted...
GHSA-8RFX-6MR3-5JH3 Duplicate Advisory: Improper Handling of Exceptional Conditions in Newtonsoft.Json
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5crp-9r3c-p9vr. This link is maintained to preserve external references. Original Description Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted...
CVE-2024-21907
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an...
CVE-2024-21907
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an...
Race condition
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an...
CVE-2024-21907
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an...
CVE-2024-21907 Improper Handling of Exceptional Conditions in Newtonsoft.Json
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an...
CVE-2024-21907 Improper Handling of Exceptional Conditions in Newtonsoft.Json
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an...
CVE-2024-21907
CVE-2024-21907 affects Newtonsoft.Json before 13.0.1. Crafted data passed to JsonConvert.DeserializeObject may trigger a StackOverflow, causing denial of service; exploitation may be possible remotely and without authentication depending on how the library is used. IBM and Microsoft advisories co...
Security Bulletin: IBM Cognos Command Center is affected by multiple vulnerabilities (CVE-2023-21939, CVE-2023-21967, CVE-2022-29117, XFID: 234366)
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11 used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.4 Fix Pack 1 IF19 has addressed the applicable CVEs by upgrading to IBM® Semeru JRE 11.0.19.0 CVE-2023-21939, CVE-2023-21967. The following 3rd party components used...
Security Bulletin: A vulnerability in Newtonsoft.Json may affect IBM Robotic Process Automation and result in a denial of service (IBM X-Force ID: 234366).
Summary There is a vulnerability in Newtonsoft.Json used by IBM Robotic Process Automation as part of its infrastructure, which may result in a denial of service. IBM X-Force ID: 234366. This bulletin identifies the security fixes to apply to address this vulnerability. Vulnerability Details IBM...
Security Bulletin: Vulnerability in Newtonsoft.Json may affect IBM Spectrum Protect Snapshot for Windows
Summary IBM Spectrum Protect Snapshot for Windows may be affected by a denial of service vulnerability in Newtonsoft.Json Vulnerability Details IBM X-Force ID: 234366 DESCRIPTION: Newtonsoft.Json is vulnerable to a denial of service, caused by improper handling of StackOverFlow exception SOE...
Security Bulletin: Vulnerability in Newtonsoft.Json may affect IBM Spectrum Protect Plus Exchange agent
Summary The IBM Spectrum Protect Plus Exchange agent may be affected by a denial of service vulnerability in Newtonsoft.Json. Vulnerability Details IBM X-Force ID: 234366 DESCRIPTION: Newtonsoft.Json is vulnerable to a denial of service, caused by improper handling of StackOverFlow exception SOE...
Security Bulletin: IBM Robotic Process Automation may be vulnerable to denial of service due to Newtonsoft.Json (IBM X-Force ID: 234366)
Summary Newtonsoft.Json is used by IBM Robotic Process Automation as part of JSON processing for .NET. IBM X-Force ID: 234366 Vulnerability Details IBM X-Force ID: 234366 DESCRIPTION: Newtonsoft.Json is vulnerable to a denial of service, caused by improper handling of StackOverFlow exception SOE...
GHSA-5CRP-9R3C-P9VR Improper Handling of Exceptional Conditions in Newtonsoft.Json
Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of expressions with high nesting level that lead to StackOverFlow exception or high CPU and RAM usage. Exploiting this vulnerability results in Denial of Service (DoS). The serialization and...