HIGH 7.5 PyPI
GHSA-wgvc-ghv9-3pmm · CVE-2026-32874 UltraJSON has a Memory Leak parsing large integers allows DoS
Modified: 3/23/2026
package
PyPI / ujson
pkg:pypi/ujson
HIGH 7.5 PyPI
GHSA-wpqr-jcpx-745r · CVE-2022-31116 Incorrect handling of invalid surrogate pair characters
Modified: 2/21/2024
HIGH 7.5 PyPI
GHSA-c38f-wx89-p2xg · CVE-2026-44660 UltraJSON has a Memory Leak in ujson.dump() on Write Failure
Modified: 6/9/2026
HIGH 7.5 PyPI
GHSA-c8rr-9gxc-jprv · CVE-2026-32875 UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop
Modified: 3/23/2026
MEDIUM 5.5 PyPI
GHSA-fh56-85cw-5pq6 · CVE-2021-45958, PYSEC-2022-25 UltraJSON vulnerable to Out-of-bounds Write
Modified: 11/18/2024
MEDIUM 5.9 PyPI
GHSA-fm67-cv37-96ff · CVE-2022-31117 Potential double free of buffer during string decoding
Modified: 2/21/2024
— PyPI
OSV-2021-1809 Heap-buffer-overflow in ujson.cpython-38-x86_64-linux-gnu.so
Modified: 5/19/2022
— PyPI
OSV-2021-955 Stack-buffer-overflow in Buffer_AppendIndentUnchecked
Modified: 5/19/2022
— PyPI
PYSEC-2022-25 · CVE-2021-45958, GHSA-fh56-85cw-5pq6 Modified: 11/8/2023