Vulnerability Details CVE-2022-25024
The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.7%
CVSS Severity
CVSS v3 Score 7.5
References
- https://github.com/vinitkumar/json2xml/issues/106
- https://github.com/vinitkumar/json2xml/pull/107
- https://github.com/vinitkumar/json2xml/pull/107/files
- https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/
- https://github.com/vinitkumar/json2xml/issues/106
- https://github.com/vinitkumar/json2xml/pull/107
- https://github.com/vinitkumar/json2xml/pull/107/files
- https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/
Products affected by CVE-2022-25024
-
cpe:2.3:a:vinitkumar:json2xml:*