Sign in Subscribe

PyPI package

orjson

pkg:pypi/orjson

Vulnerabilities (2)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2025-67221		—		< 3.11.6	3.11.6	Jan 22, 2026	The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents.
CVE-2024-27454		—		< 3.9.15	3.9.15	Feb 26, 2024	orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents.

CVE-2025-67221Jan 22, 2026
affected < 3.11.6fixed 3.11.6
The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents.
CVE-2024-27454Feb 26, 2024
affected < 3.9.15fixed 3.9.15
orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents.