Описание
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification
A flaw was found in jansson. An out-of-bounds read-access bug is possible due to a parsing error in json_loads. The highest threat from this vulnerability is do system availability.
Отчет
A CVE was incorrectly assigned for this issue, which was a problem in the fuzzer code and not in the jansson library itself.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | jansson | Not affected | ||
| Red Hat Enterprise Linux 8 | jansson | Not affected | ||
| Red Hat Enterprise Linux 9 | jansson | Not affected | ||
| Red Hat JBoss Core Services | jbcs-httpd24-jansson | Not affected |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification
An issue was discovered in Jansson through 2.13.1. Due to a parsing er ...
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug.
7.5 High
CVSS3