CVE-2022-25024

The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service.
Configurations

Configuration 1 (hide)

cpe:2.3:a:vinitkumar:json2xml:*:*:*:*:*:python:*:*

History

21 Nov 2024, 06:51

Type Values Removed Values Added
References () https://github.com/vinitkumar/json2xml/issues/106 - Exploit, Issue Tracking, Patch () https://github.com/vinitkumar/json2xml/issues/106 - Exploit, Issue Tracking, Patch
References () https://github.com/vinitkumar/json2xml/pull/107 - Issue Tracking, Patch () https://github.com/vinitkumar/json2xml/pull/107 - Issue Tracking, Patch
References () https://github.com/vinitkumar/json2xml/pull/107/files - Patch () https://github.com/vinitkumar/json2xml/pull/107/files - Patch
References () https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/ - Product () https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/ - Product

25 Aug 2023, 19:20

Type Values Removed Values Added
First Time Vinitkumar json2xml
Vinitkumar
References (MISC) https://github.com/vinitkumar/json2xml/issues/106 - (MISC) https://github.com/vinitkumar/json2xml/issues/106 - Exploit, Issue Tracking, Patch
References (MISC) https://github.com/vinitkumar/json2xml/pull/107/files - (MISC) https://github.com/vinitkumar/json2xml/pull/107/files - Patch
References (MISC) https://github.com/vinitkumar/json2xml/pull/107 - (MISC) https://github.com/vinitkumar/json2xml/pull/107 - Issue Tracking, Patch
References (MISC) https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/ - (MISC) https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/ - Product
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-754
CPE cpe:2.3:a:vinitkumar:json2xml:*:*:*:*:*:python:*:*

22 Aug 2023, 20:10

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-22 19:16

Updated : 2024-11-21 06:51


NVD link : CVE-2022-25024

Mitre link : CVE-2022-25024

CVE.ORG link : CVE-2022-25024


JSON object : View

Products Affected

vinitkumar

  • json2xml
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions