Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.
{ "binaries": [ { "binary_version": "6.0.8+dfsg-1", "binary_name": "libnewtonsoft-json-cil-dev" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "libnewtonsoft-json5.0-cil" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "monodoc-newtonsoft-json-manual" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "nupkg-newtonsoft.json.6.0.8" } ] }
{ "binaries": [ { "binary_version": "6.0.8+dfsg-1", "binary_name": "libnewtonsoft-json-cil-dev" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "libnewtonsoft-json5.0-cil" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "monodoc-newtonsoft-json-manual" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "nupkg-newtonsoft.json.6.0.8" } ] }
{ "binaries": [ { "binary_version": "6.0.8+dfsg-1", "binary_name": "libnewtonsoft-json-cil-dev" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "libnewtonsoft-json5.0-cil" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "monodoc-newtonsoft-json-manual" }, { "binary_version": "6.0.8+dfsg-1", "binary_name": "nupkg-newtonsoft.json.6.0.8" } ] }
{ "binaries": [ { "binary_version": "6.0.8+dfsg-1.1", "binary_name": "libnewtonsoft-json-cil-dev" }, { "binary_version": "6.0.8+dfsg-1.1", "binary_name": "libnewtonsoft-json5.0-cil" }, { "binary_version": "6.0.8+dfsg-1.1", "binary_name": "monodoc-newtonsoft-json-manual" }, { "binary_version": "6.0.8+dfsg-1.1", "binary_name": "nupkg-newtonsoft.json.6.0.8" } ] }