Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
767861
AlmaLinux
5242
Alpaquita
11478
Alpine
4350
Android
3403
Azure Linux
12016
BellSoft Hardened Containers
572
Bitnami
8264
Chainguard
9229
CleanStart
1652
CRAN
14
crates.io
2561
Debian
59722
Echo
6669
GHC
3
GIT
93379
GitHub Actions
54
Go
8148
Hackage
32
Hex
182
Julia
989
Linux
25415
Mageia
6011
Maven
6690
MinimOS
86795
npm
222154
NuGet
1770
opam
19
openEuler
7186
openSUSE
13448
OSS-Fuzz
3958
Packagist
6664
Pub
11
PyPI
22362
Red Hat
21177
Rocky Linux
3619
Root
17380
RubyGems
4550
SUSE
21326
SwiftURL
58
TuxCare
5651
Ubuntu
57187
VSCode
20
Wolfi
6451
ID
Packages
Summary
Published
arrow_upward
Attributes
PYSEC-2026-1057
PyPI/ujson
Incorrect handling of invalid surrogate pair characters
6 days ago
Fix available
Severity - 7.5 (High)
PYSEC-2026-1056
PyPI/ujson
Potential double free of buffer during string decoding
6 days ago
Fix available
Severity - 5.9 (Medium)
GHSA-3j69-69wj-xqx2
PyPI/ujson
UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()
19 Jun
Fix available
Severity - 6.5 (Medium)
GHSA-c38f-wx89-p2xg
PyPI/ujson
UltraJSON has a Memory Leak in ujson.dump() on Write Failure
12 May
Fix available
Severity - 8.7 (High)
GHSA-c8rr-9gxc-jprv
PyPI/ujson
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop
18 Mar
Fix available
Severity - 7.5 (High)
GHSA-wgvc-ghv9-3pmm
PyPI/ujson
UltraJSON has a Memory Leak parsing large integers allows DoS
18 Mar
Fix available
Severity - 7.5 (High)
GHSA-wpqr-jcpx-745r
PyPI/ujson
Incorrect handling of invalid surrogate pair characters
05 Jul 2022
Fix available
Severity - 7.5 (High)
GHSA-fm67-cv37-96ff
PyPI/ujson
Potential double free of buffer during string decoding
05 Jul 2022
Fix available
Severity - 5.9 (Medium)
OSV-2021-1809
PyPI/ujson
github.com/ultrajson/ultrajson.git
Heap-buffer-overflow in ujson.cpython-38-x86_64-linux-gnu.so
25 Feb 2022
Fix available
GHSA-fh56-85cw-5pq6
PyPI/ujson
UltraJSON vulnerable to Out-of-bounds Write
21 Jan 2022
Fix available
Severity - 6.8 (Medium)
PYSEC-2022-25
PyPI/ujson
See record for full details
01 Jan 2022
Fix available
OSV-2021-955
PyPI/ujson
github.com/ultrajson/ultrajson.git
Stack-buffer-overflow in Buffer_AppendIndentUnchecked
11 Jul 2021
Fix available
PyPI - OSV