GCVE - cpe:2.3:a:tencent:rapidjson:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:tencent:rapidjson:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Tencent (`f719dbd4-b477-5cfc-82bb-cc1efc23c3ce`)
Product	Rapidjson (`df5b1edd-8774-5a18-b1b2-945542f00e1a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/rapidjson`	purl2cpe	2026-06-01 10:17:57.102687
`pkg:deb/ubuntu/rapidjson`	purl2cpe	2026-06-01 10:17:57.102690
`pkg:github/tencent/rapidjson`	purl2cpe	2026-06-01 10:17:57.102693
`pkg:gitlab/immersaview/rapidjson`	purl2cpe	2026-06-01 10:17:57.102695
`pkg:gitlab/ubports/rapidjson`	purl2cpe	2026-06-01 10:17:57.102698
`pkg:nuget/rapidjson`	purl2cpe	2026-06-01 10:17:57.102701
`pkg:rpm/fedora/rapidjson`	purl2cpe	2026-06-01 10:17:57.102704
`pkg:rpm/opensuse/rapidjson`	purl2cpe	2026-06-01 10:17:57.102706
`pkg:sourceforge/rapidjson.mirror`	purl2cpe	2026-06-01 10:17:57.102709

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-39684`	vulnerable	2026-06-03 14:56:22.210441	Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Overflow MEDIUM (6.8) Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege. Published: 2024-07-09T18:53:53.855Z Updated: 2024-09-05T08:03:37.023Z Open on db.gcve.eu Reference links https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-38517`	vulnerable	2026-06-03 14:56:18.993137	Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow MEDIUM (6.8) Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer underflow vulnerability (when the file is parsed), leading to elevation of privilege. Published: 2024-07-09T18:51:50.563Z Updated: 2024-09-05T08:03:35.926Z Open on db.gcve.eu Reference links https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38517 https://github.com/Tencent/rapidjson/pull/1261/commits/8269bc2bc289e9d343bae51cdf6d23ef0950e001 https://github.com/fmalita/rapidjson/commit/8269bc2bc289e9d343bae51cdf6d23ef0950e001	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.