Vulnerabilities > CVE-2022-25024 - Improper Check for Unusual or Exceptional Conditions vulnerability in Vinitkumar Json2Xml

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

vinitkumar

CWE-754

NVD

Published: 2023-08-22

Updated: 2023-08-25

Summary

The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service.

Vulnerable Configurations

Part	Description	Count
Application	Vinitkumar Vinitkumar Json2Xml *	1

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

References

https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/
https://github.com/vinitkumar/json2xml/pull/107/files
https://github.com/vinitkumar/json2xml/pull/107
https://github.com/vinitkumar/json2xml/issues/106