Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
json project json vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-23459
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer typ...
Json\\+\\+ Project Json\\+\\+ 1.0.0
Json\\+\\+ Project Json\\+\\+ 1.0.1
7.5
CVSSv3
CVE-2022-23460
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue...
Json\\+\\+ Project Json\\+\\+ 1.0.0
Json\\+\\+ Project Json\\+\\+ 1.0.1
9.8
CVSSv3
CVE-2018-17072
JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.
Json\\+\\+ Project Json\\+\\+
9.8
CVSSv3
CVE-2022-4742
A vulnerability, which was classified as critical, has been found in json-pointer up to 0.6.1. Affected by this issue is the function set of the file index.js. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution...
Json-pointer Project Json-pointer
9.8
CVSSv3
CVE-2021-23509
This affects the package json-ptr prior to 3.0.0. A type confusion vulnerability can lead to a bypass of CVE-2020-7766 when the user-provided keys used in the pointer parameter are arrays.
Json-ptr Project Json-ptr
7.5
CVSSv3
CVE-2023-34610
An issue exists json-io thru 4.14.0 allows malicious users to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
Json-io Project Json-io
7.5
CVSSv3
CVE-2023-34612
An issue exists ph-json thru 9.5.5 allows malicious users to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
Ph-json Project Ph-json
9.8
CVSSv3
CVE-2022-25921
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor.
Morgan-json Project Morgan-json
9.8
CVSSv3
CVE-2020-7766
This affects all versions of package json-ptr. The issue occurs in the set operation (https://flitbit.github.io/json-ptr/classes/_src_pointer_.jsonpointer.htmlset) when the force flag is set to true. The function recursively set the property in the target object, however it does ...
Json-ptr Project Json-ptr
9.8
CVSSv3
CVE-2016-20001
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »