Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| Newtonsoft.Json(NuGet) | 0 | 13.0.1 | N/A |
CVSS Metrics
