Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
json project json vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-23460
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue...
Json++ Project Json++ 1.0.0
Json++ Project Json++ 1.0.1
9.8
CVSSv3
CVE-2022-23459
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer typ...
Json++ Project Json++ 1.0.0
Json++ Project Json++ 1.0.1
9.8
CVSSv3
CVE-2018-17072
JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.
Json++ Project Json++
7.5
CVSSv3
CVE-2023-34610
An issue exists json-io thru 4.14.0 allows malicious users to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
Json-io Project Json-io
7.5
CVSSv3
CVE-2023-34612
An issue exists ph-json thru 9.5.5 allows malicious users to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
Ph-json Project Ph-json
7.5
CVSSv3
CVE-2023-1370
[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It exists that the code does not have any limit to...
Json-smart Project Json-smart
9.8
CVSSv3
CVE-2022-4742
A vulnerability, which was classified as critical, has been found in json-pointer up to 0.6.1. Affected by this issue is the function set of the file index.js. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution...
Json-pointer Project Json-pointer
9.8
CVSSv3
CVE-2022-25921
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor.
Morgan-json Project Morgan-json
7.5
CVSSv3
CVE-2023-5072
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
Json-java Project Json-java
2 Github repositories
7.5
CVSSv3
CVE-2016-20003
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest/json Project Rest/json
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »