Nixpkgs Security Tracker

Dismissed

Permalink CVE-2024-21907

updated 1 month, 3 weeks ago by @Erethon Activity log

Created automatic suggestion 2 months ago
@Erethon dismissed 1 month, 3 weeks ago
@Erethon accepted 1 month, 3 weeks ago
@Erethon dismissed 1 month, 3 weeks ago
@Erethon accepted 1 month, 3 weeks ago
@Erethon dismissed 1 month, 3 weeks ago
@Erethon accepted 1 month, 3 weeks ago
@Erethon dismissed 1 month, 3 weeks ago
@Erethon accepted 1 month, 3 weeks ago
@Erethon dismissed 1 month, 3 weeks ago
@Erethon accepted 1 month, 3 weeks ago
@Erethon dismissed 1 month, 3 weeks ago

Improper Handling of Exceptional Conditions in Newtonsoft.Json

Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.

Affected products

Newtonsoft.Json

<13.0.1

Matching in nixpkgs

pkgs.dotnetPackages.NewtonsoftJson

None

nixos-unstable 11.0.2
- nixpkgs-unstable 11.0.2
- nixos-unstable-small 11.0.2
nixos-25.05 -
- nixos-25.05-small 11.0.2

dismiss test

Suggestion detail

Affected products

Matching in nixpkgs

pkgs.dotnetPackages.NewtonsoftJson