Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
NA
CVE-2024-27454
Published: 26/02/2024 Updated: 26/02/2024
Vulnerability Summary
orjson.loads in orjson prior to 3.9.15 does not limit recursion for deeply nested JSON documents.
Vulnerability Trend
References
https://github.com/ijl/orjson/issues/458
https://github.com/ijl/orjson/commit/b0e4d2c06ce06c6e63981bf0276e4b7c74e5845e
https://github.com/ijl/orjson/blob/master/CHANGELOG.md#3915
https://monicz.dev/CVE-2024-27454
https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started