Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulnCheck
Published: 2024-01-03T15:23:04.441Z
Updated: 2024-09-06T18:26:37.445Z
Reserved: 2024-01-03T14:21:17.582Z
Link: CVE-2024-21907
Vulnrichment
Updated: 2024-08-01T22:35:33.415Z
NVD
Status : Modified
Published: 2024-01-03T16:15:08.793
Modified: 2024-11-21T08:55:14.583
Link: CVE-2024-21907
Redhat
No data.