- Description
- Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.
- Source
- disclosure@vulncheck.com
- NVD status
- Modified
- Products
- json.net
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
#VulnerabilityReport #Windows Patch Tuesday: Microsoft Fixes 86 Flaws, Including 9 Critical and 2 Zero-Days (CVE-2025-55234 & CVE-2024-21907) https://t.co/XwtnEbsp9T
@Komodosec
17 Oct 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
September #PatchTuesday: 176 fixes, five critical RCEs, and multiple zero-days. Key priorities include SQL Server (CVE-2024-21907), Azure HPC (CVE-2025-55232), and SMB server (CVE-2025-55234). Full analysis 👉 https://t.co/gy4h6Rk61u https://t.co/iPrkDU1JZb
@rapid7
12 Sept 2025
1365 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
今日はいろんなぱっちちゅうずでー ▼Microsoft 2025 年 9 月のセキュリティ更新プログラム (月例) https://t.co/3HGdf04I8w CVE-2025-55234 →Windows SMB の特権昇格の脆弱性 CVE-2024-21907 →Newtonsoft.Json での例外的な状態の不適
@taku888infinity
9 Sept 2025
398 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft Patch Tuesday: 81 vulnerabilidades corregidas, incluidas dos zero-day en SMB Server (CVE-2025-55234) y Newtonsoft.Json (CVE-2024-21907), además de fallos críticos en NTLM, NTFS y Microsoft Office. ¡Actualiza de inmediato! https://t.co/T18lkShM8c
@CompunetChile
9 Sept 2025
122 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:newtonsoft:json.net:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7713CE4-2B29-46C2-8416-75B9F3C258F6",
"versionEndExcluding": "13.0.1"
}
],
"operator": "OR"
}
]
}
]