EUVD-2024-34736

Malicious code in bioql PyPI...

Malicious code in nlohmann-json (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5aa85efabb2331d4495a31e8b8101fb7a0cdd11d7c9a4724b6fbb2a3c60b9296 Any computer that has this package installed or running should be considered...

MAL-2025-711 Malicious code in nlohmann-json (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5aa85efabb2331d4495a31e8b8101fb7a0cdd11d7c9a4724b6fbb2a3c60b9296 Any computer that has this package installed or running should be considered...

Denial Of Service (DoS)

Envoy is vulnerable to Denial Of Service DoS. The vulnerability is due to how Envoy invoked the nlohmann JSON library via source/common/json/jsoninternal.cc, which could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The vulnerability allows an...

CVE-2024-38525

dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...

CVE-2024-38525 dd-trace-cpp malformed unicode header values may cause crash

dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...

CVE-2024-38525 dd-trace-cpp malformed unicode header values may cause crash

dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...

CVE-2024-34363

Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to crash...

PT-2024-25821 · Unknown +1 · Nlohmann/Json +1

Name of the Vulnerable Software and Affected Versions: Envoy affected versions not specified Description: The issue arises from how Envoy invokes the nlohmann JSON library. If incomplete UTF-8 strings are serialized from downstream data, the library can throw an uncaught exception, causing Envoy ...

OSV-2022-425 Heap-use-after-free in std::__1::__tree_node_base<void*>*& std::__1::__tree<std::__1::__value_type<std:

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47533 Crash type: Heap-use-after-free READ 1 Crash state: std::1::treenodebase& std::1::treestd::1::valuetypestd: std::1::pairstd::1::treeiteratorstd::1::valuetypestd::1::basic...

OSV-2017-59 Heap-buffer-overflow in nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=381 Crash type: Heap-buffer-overflow READ 1 Crash state: nlohmann::basicjsonstd::1::map, std::1::vector, std::1::basicstringcha nlohmann::basicjsonstd::1::map, std::1::vector, std::1::basicstringcha...

json: Heap-buffer-overflow in nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha

Project: https://github.com/nlohmann/json.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5009340075343872 Project: json Fuzzer: libFuzzerjsonparseaflfuzzer Fuzz target binary: parseaflfuzzer Job Type: libfuzzerasanjson Platform Id: linux Crash Type: Heap-buffer-overflo...

json: Heap-buffer-overflow in nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha

Project: https://github.com/nlohmann/json.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5229771923390464 Project: json Fuzzer: libFuzzerjsonparsecborfuzzer Fuzz target binary: parsecborfuzzer Job Type: libfuzzerasanjson Platform Id: linux Crash Type:...

json: Use-of-uninitialized-value in nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha

Project: https://github.com/nlohmann/json.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6051806467588096 Project: json Fuzzer: libFuzzerjsonfuzzer-parsecbor Fuzz target binary: fuzzer-parsecbor Job Type: libfuzzermsanjson Platform Id: linux Crash Type:...

json: Heap-buffer-overflow in nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha

Project: https://github.com/nlohmann/json.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6541936374579200 Project: json Fuzzer: libFuzzerjsonfuzzer-parsecbor Fuzz target binary: fuzzer-parsecbor Job Type: libfuzzerasanjson Platform Id: linux Crash Type:...

json: Use-of-uninitialized-value in std::__1::char_traits<char>::compare

Project: https://github.com/nlohmann/json.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6240782075822080 Project: json Fuzzer: libFuzzerjsonfuzzer-parsemsgpack Fuzz target binary: fuzzer-parsemsgpack Job Type: libfuzzermsanjson Platform Id: linux Crash Type:...

json: Heap-buffer-overflow in nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha

Project: https://github.com/nlohmann/json.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6744749780238336 Project: json Fuzzer: libFuzzerjsonfuzzer-parsemsgpack Fuzz target binary: fuzzer-parsemsgpack Job Type: libfuzzerasanjson Platform Id: linux Crash Type:...

json: Heap-buffer-overflow in nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha

Project: https://github.com/nlohmann/json.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6040962799239168 Project: json Fuzzer: libFuzzerjsonfuzzer-parsemsgpack Fuzz target binary: fuzzer-parsemsgpack Job Type: libfuzzerasanjson Platform Id: linux Crash Type:...