High severity · NVD Advisory · Published Aug 22, 2023 · Updated Oct 3, 2024
CVE-2022-25024
Description
The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| json2xml (PyPI) | < 3.14.0 | 3.14.0 |
Affected products
- Python/json2xml
References
- github.com/advisories/GHSA-8rj5-2857-877j (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2022-25024 (ghsa, ADVISORY)
- github.com/pypa/advisory-database/tree/main/vulns/json2xml/PYSEC-2023-149.yaml (ghsa, WEB)
- github.com/vinitkumar/json2xml/commit/a9cd75b61329801b47a8fba7473bce6c85a38b9b (ghsa, WEB)
- github.com/vinitkumar/json2xml/issues/106 (ghsa, WEB)
- github.com/vinitkumar/json2xml/pull/107 (ghsa, WEB)
- github.com/vinitkumar/json2xml/pull/107/files (ghsa, WEB)
- packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads (ghsa, WEB)
- packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/ (mitre)