Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
json project vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-23459
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer typ...
Json++ Project Json++ 1.0.0
Json++ Project Json++ 1.0.1
7.5
CVSSv3
CVE-2022-23460
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue...
Json++ Project Json++ 1.0.0
Json++ Project Json++ 1.0.1
9.8
CVSSv3
CVE-2018-17072
JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.
Json++ Project Json++
7.5
CVSSv3
CVE-2020-8237
Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack.
Json-bigint Project Json-bigint
7.5
CVSSv3
CVE-2016-20003
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest/json Project Rest/json
9.8
CVSSv3
CVE-2016-20004
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest/json Project Rest/json
7.5
CVSSv3
CVE-2016-20007
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest/json Project Rest/json
7.5
CVSSv3
CVE-2016-20008
The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest/json Project Rest/json
7.5
CVSSv3
CVE-2023-5072
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
Json-java Project Json-java
2 Github repositories
9.8
CVSSv3
CVE-2016-20001
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest/json Project Rest/json
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »