ujson@4.3.0 vulnerabilities

Ultra fast JSON encoder and decoder for Python

Direct Vulnerabilities

Known vulnerabilities in the ujson package. This does not include vulnerabilities belonging to this package’s dependencies.

Severity: Medium
Improper Handling of Syntactically Invalid Structure


Affected versions of this package are vulnerable to Improper Handling of Syntactically Invalid Structure because JSON strings containing an escaped surrogate character that is not part of a proper surrogate pair are decoded incorrectly. This allows data corruption, which impacts the integrity of the target application and can also affect the availability of the decoded dictionary data.

How to fix Improper Handling of Syntactically Invalid Structure?

Upgrade ujson to version 5.4.0 or higher.

Vulnerable versions: [,5.4.0)
Severity: Medium
Double Free


Affected versions of this package are vulnerable to a Double Free during string decoding if realloc fails.

NOTE: According to the maintainer, this issue is "impossible to trigger from Python".

How to fix Double Free?

Upgrade ujson to version 5.4.0 or higher.

Vulnerable versions: [,5.4.0)
Severity: High
Out-of-Bounds Write


Affected versions of this package are vulnerable to an Out-of-Bounds Write via a stack-based buffer overflow in the Buffer_AppendIndentUnchecked function (called from encode).

How to fix Out-of-Bounds Write?

Upgrade ujson to version 5.2.0 or higher.

Vulnerable versions: [1.34,5.2.0)