Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
json project json vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-17479
jpv (aka Json Pattern Validator) prior to 2.2.2 does not properly validate input, as demonstrated by a corrupted array.
Json Pattern Validator Project Json Pattern Validator
NA
CVE-2022-41714
fastest-json-copy version 1.0.1 allows an external malicious user to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the '__proto__' property to be edited.
Fastest-json-copy Project Fastest-json-copy 1.0.1
NA
CVE-2021-4329
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is...
Json-logic-js Project Json-logic-js 2.0.0
NA
CVE-2022-45688
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows malicious users to cause a Denial of Service (DoS) via crafted JSON or XML data.
Hutool Hutool 5.8.10
Json-java Project Json-java
10 Github repositories
NA
CVE-2022-42743
deep-parse-json version 1.0.2 allows an external malicious user to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the '__proto__' property to be edited.
Deep-parse-json Project Deep-parse-json 1.0.2
5
CVSSv2
CVE-2016-2537
The is-my-json-valid package prior to 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote malicious users to cause a denial of service (blocked event loop) via a crafted string.
Is My Json Valid Project Is My Json Valid
5
CVSSv2
CVE-2018-1107
It exists that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause it to consume an excessive amount of CPU time when validated.
Is-my-json-valid Project Is-my-json-valid
5
CVSSv2
CVE-2019-18848
The json-jwt gem prior to 1.11.0 for Ruby lacks an element count during the splitting of a JWE string.
Json-jwt Project Json-jwt
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2021-3918
json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Json-schema Project Json-schema
Debian Debian Linux 10.0
3 Github repositories
NA
CVE-2022-36010
This library allows strings to be parsed as functions and stored as a specialized component, [`JsonFunctionValue`](https://github.com/oxyno-zeta/react-editable-json-tree/blob/09a0ca97835b0834ad054563e2fddc6f22bc5d8c/src/components/JsonFunctionValue.js). To do this, Javascript...
React Editable Json Tree Project React Editable Json Tree
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »