CVE-2024-21907 in Newtonsoft.Json情報

要約

〜によって MITRE • 2024年01月03日

Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

予約する

2024年01月03日

公開

2024年01月03日

モデレーション

承諾済み

エントリ

VDB-249622

CPE

準備完了

CWE

CWE-755 (確認済み)

CVSS

7.5 (NVD)

EPSS

0.02228

KEV

いいえ

アクティビティ

非常低い

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-21907
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-21907
CVE Details	https://www.cvedetails.com/cve/CVE-2024-21907/

◂ 前概要次 ▸

Want to know what is going to be exploited?

We predict KEV entries!