logo
DATABASE RESOURCES PRICING ABOUT US

Insecure Cryptography

Description

ujson is vulnerable to insecure cryptography. The vulnerability exists in a JSON string contains escaped surrogate characters which are not part of a proper surrogate pair, the library may decode those characters incorrectly which allows remote attackers to cause unintended behavior in the application via a specifically crafted input string.


Affected Software


CPE Name Name Version
ujson 5.3.0
ujson 1.4
py3-ujson 4.0.2-r0
py3-ujson 5.1.0-r0
py3-ujson 4.1.0-r0
py3-ujson 4.0.2-r1
py3-ujson 5.3.0-r0
py3-ujson 4.1.0-r1
py3-ujson 2.0.3-r0
py3-ujson 1.35-r5
py3-ujson 5.2.0-r0
py3-ujson:3.16 5.3.0-r0
py3-ujson:3.16 5.2.0-r0
ujson 5.3.0
ujson 1.4
py3-ujson 4.0.2-r0
py3-ujson 5.1.0-r0
py3-ujson 4.1.0-r0
py3-ujson 4.0.2-r1
py3-ujson 5.3.0-r0
py3-ujson 4.1.0-r1
py3-ujson 2.0.3-r0
py3-ujson 1.35-r5
py3-ujson 5.2.0-r0
py3-ujson:3.16 5.3.0-r0
py3-ujson:3.16 5.2.0-r0

Related