Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-35381

Опубликовано: 06 дек. 2020
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Advanced Cluster Management for Kubernetes 2rhacm2/search-aggregator-rhel8Affected
Red Hat Advanced Cluster Management for Kubernetes 2rhacm2/search-collector-rhel9Affected
Red Hat Advanced Cluster Management for Kubernetes 2acmesolver-containerFixedRHEA-2021:072904.03.2021
Red Hat Advanced Cluster Management for Kubernetes 2acm-must-gather-containerFixedRHEA-2021:072904.03.2021
Red Hat Advanced Cluster Management for Kubernetes 2acm-operator-bundle-containerFixedRHEA-2021:072904.03.2021
Red Hat Advanced Cluster Management for Kubernetes 2application-ui-containerFixedRHEA-2021:072904.03.2021
Red Hat Advanced Cluster Management for Kubernetes 2cainjector-containerFixedRHEA-2021:072904.03.2021
Red Hat Advanced Cluster Management for Kubernetes 2cert-manager-controller-containerFixedRHEA-2021:072904.03.2021
Red Hat Advanced Cluster Management for Kubernetes 2cert-manager-webhook-containerFixedRHEA-2021:072904.03.2021
Red Hat Advanced Cluster Management for Kubernetes 2cert-policy-controller-containerFixedRHEA-2021:072904.03.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-129
https://bugzilla.redhat.com/show_bug.cgi?id=1908451jsonparser: GET call can lead to a slice bounds out of range

EPSS

Процентиль: 62%
0.00426
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-35381

CVSS3: 7.5
ubuntu
около 5 лет назад

jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.

nvd логотип

CVE-2020-35381

CVSS3: 7.5
nvd
около 5 лет назад

jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.

debian логотип

CVE-2020-35381

CVSS3: 7.5
debian
около 5 лет назад

jsonparser 1.0.0 allows attackers to cause a denial of service (panic: ...

github логотип

GHSA-8vrw-m3j9-j27c

CVSS3: 7.5
github
больше 3 лет назад

Denial of Service in jsonparser

EPSS

Процентиль: 62%
0.00426
Низкий

7.5 High

CVSS3