| CVE-2026-44660 |
high |
— |
8.0 |
|
|
|
17d ago |
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an excepti… |
| CVE-2026-32875 |
unknown |
— |
— |
|
|
|
2mo ago |
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop |
| CVE-2026-32874 |
unknown |
— |
— |
|
|
|
2mo ago |
UltraJSON has a Memory Leak parsing large integers allows DoS |
| CVE-2022-31116 |
unknown |
— |
— |
|
|
|
4y ago |
Incorrect handling of invalid surrogate pair characters |
| CVE-2022-31117 |
unknown |
— |
— |
|
|
|
4y ago |
Potential double free of buffer during string decoding |
| CVE-2021-45958 |
unknown |
— |
— |
|
|
|
4y ago |
UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation. |