CVE-2025-67221

medium Red Hat
CVSS v3 Base Score
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Published: January 22, 2026
Last Modified: January 22, 2026
Vendor: Red Hat

Description

The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents.

Affected Products

OpenShift LightspeedRed Hat Ansible Automation Platform 2Red Hat Enterprise Linux AI (RHEL AI) 3Red Hat OpenShift AI (RHOAI)

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 github.com 🔗 github.com