Описание
An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.
A flaw was found in the parseit() function in json_parse.c., a test app in the json-c library. The code error does not affect the library itself.
Отчет
Vulnerable code was introduced in json-c 0.15-20200726. Red Hat Enterprise Linux ships json-c-0.14-11 and prior, therefore, it is not-affected. This issue affects a test app and not the library itself, which lowers the impact of the flaw to none.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | json-c | Not affected | ||
| Red Hat Enterprise Linux 7 | json-c | Not affected | ||
| Red Hat Enterprise Linux 8 | json-c | Not affected | ||
| Red Hat Enterprise Linux 9 | json-c | Not affected |
Показывать по
Дополнительная информация
EPSS
0 Low
CVSS3
Связанные уязвимости
An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.
An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.
An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.
An issue was discovered in json-c from 20200420 (post 0.14 unreleased ...
An issue was discovered in json-c through 0.15-20200726. A stack-buffer-overflow exists in the function parseit located in json_parse.c. It allows an attacker to cause code Execution.
EPSS
0 Low
CVSS3