Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Python ujson Packages Cause Memory Leaks and Buffer Overflows
MGASA-2026-0073
Summary
Some Python packages called ujson have a memory leak and a potential buffer overflow issue. This means that if a large number is input, the program might run out of memory or crash. To keep your systems safe, update your ujson packages to the latest version.
What to do
- Update python-ujson to version 5.7.0-1.1.mga9.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | python-ujson | <= 5.7.0-1.1.mga9 | 5.7.0-1.1.mga9 |
Original title
Updated python-ujson packages fix security vulnerabilities
Original description
CVE-2026-32874 ujson 5.4.0 to 5.11.0 inclusive contains an accumulating
memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1])
integers.
ujson 5.4.0 to 5.11.0 has an integer overflow while handling a large indent
which leads to a buffer overflow or infinite loop.
memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1])
integers.
ujson 5.4.0 to 5.11.0 has an integer overflow while handling a large indent
which leads to a buffer overflow or infinite loop.
- https://advisories.mageia.org/MGASA-2026-0073.html Vendor Advisory
- https://bugs.mageia.org/show_bug.cgi?id=35258 Third Party Advisory
- https://github.com/ultrajson/ultrajson/security/advisories/GHSA-wgvc-ghv9-3pmm Third Party Advisory
- https://lists.fedoraproject.org/archives/list/[email protected]... Third Party Advisory
Published: 29 Mar 2026 · Updated: 29 Mar 2026 · First seen: 29 Mar 2026