Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
PYSEC-2026-1057
  • PyPI/ujson
Incorrect handling of invalid surrogate pair characters 6 days ago
  • Fix available
  • Severity - 7.5 (High)
PYSEC-2026-1056
  • PyPI/ujson
Potential double free of buffer during string decoding 6 days ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-3j69-69wj-xqx2
  • PyPI/ujson
UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps() 19 Jun
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-c38f-wx89-p2xg
  • PyPI/ujson
UltraJSON has a Memory Leak in ujson.dump() on Write Failure 12 May
  • Fix available
  • Severity - 8.7 (High)
GHSA-c8rr-9gxc-jprv
  • PyPI/ujson
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop 18 Mar
  • Fix available
  • Severity - 7.5 (High)
GHSA-wgvc-ghv9-3pmm
  • PyPI/ujson
UltraJSON has a Memory Leak parsing large integers allows DoS 18 Mar
  • Fix available
  • Severity - 7.5 (High)
GHSA-wpqr-jcpx-745r
  • PyPI/ujson
Incorrect handling of invalid surrogate pair characters 05 Jul 2022
  • Fix available
  • Severity - 7.5 (High)
GHSA-fm67-cv37-96ff
  • PyPI/ujson
Potential double free of buffer during string decoding 05 Jul 2022
  • Fix available
  • Severity - 5.9 (Medium)
OSV-2021-1809
  • PyPI/ujson
  • github.com/ultrajson/ultrajson.git
Heap-buffer-overflow in ujson.cpython-38-x86_64-linux-gnu.so 25 Feb 2022
  • Fix available
GHSA-fh56-85cw-5pq6
  • PyPI/ujson
UltraJSON vulnerable to Out-of-bounds Write 21 Jan 2022
  • Fix available
  • Severity - 6.8 (Medium)
PYSEC-2022-25
  • PyPI/ujson
See record for full details 01 Jan 2022
  • Fix available
OSV-2021-955
  • PyPI/ujson
  • github.com/ultrajson/ultrajson.git
Stack-buffer-overflow in Buffer_AppendIndentUnchecked 11 Jul 2021
  • Fix available