The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service.
References
Link | Resource |
---|---|
https://github.com/vinitkumar/json2xml/issues/106 | Exploit Issue Tracking Patch |
https://github.com/vinitkumar/json2xml/pull/107 | Issue Tracking Patch |
https://github.com/vinitkumar/json2xml/pull/107/files | Patch |
https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/ | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-22T00:00:00
Updated: 2023-08-22T15:44:27.629929
Reserved: 2022-02-14T00:00:00
Link: CVE-2022-25024
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-08-22T19:16:22.173
Modified: 2023-08-25T19:20:05.170
Link: CVE-2022-25024
JSON object: View
Redhat Information
No data.
CWE