Veracode Vulnerability DatabaseVERACODE:42936Denial Of Service (DoS)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
23.0%
json2xml is vulnerable to Denial of Service (DoS) attacks. A typecode decoding error allows an attacker to cause a denial of service (DoS) attack via sending a specially crafted JSON file to the json2xml.Json2xml() function, which would cause the application to crash.
References
github.com/advisories/GHSA-8rj5-2857-877j
github.com/vinitkumar/json2xml/commit/a9cd75b61329801b47a8fba7473bce6c85a38b9b
github.com/vinitkumar/json2xml/issues/106
github.com/vinitkumar/json2xml/pull/107
github.com/vinitkumar/json2xml/pull/107/files
packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
23.0%