Ultrajson Project

Ultrajson

7 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.27%
  • Veröffentlicht 22.06.2026 20:53:07
  • Zuletzt bearbeitet 26.06.2026 20:10:54

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.13.0, ujson.dumps() (or ujson.dump() or ujson.encode()) have a reject_bytes=False option. When set, they may accept malformed or truncated UTF-8 ...

Exploit
  • EPSS 0.42%
  • Veröffentlicht 27.05.2026 20:42:59
  • Zuletzt bearbeitet 02.06.2026 18:00:03

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an exception, the serialized JSON string object is not decrem...

  • EPSS 0.48%
  • Veröffentlicht 20.03.2026 02:16:35
  • Zuletzt bearbeitet 30.06.2026 03:18:34

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1]) integers. The leaked memory...

Exploit
  • EPSS 0.47%
  • Veröffentlicht 20.03.2026 02:16:35
  • Zuletzt bearbeitet 30.06.2026 03:18:34

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps() crashes the Python interpreter ...

Exploit
  • EPSS 2.28%
  • Veröffentlicht 05.07.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:55

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate ...

  • EPSS 1.68%
  • Veröffentlicht 05.07.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:55

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON ...

Exploit
  • EPSS 1.55%
  • Veröffentlicht 01.01.2022 00:15:08
  • Zuletzt bearbeitet 21.11.2024 06:33:22

UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.