Seal Security

CVE-2024-27454

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Vulnerability Details

Score

7.5

Score Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Versions

orjson < 3.9.15

Severity

High

Ecosystem

Python

Publish Date

February 26, 2024

Modified Date

February 26, 2024