CVE-2020-12762 affecting package json-c for versions less than 0.15-2

🗓️ 31 Jan 2025 16:07:48Reported by CBL MarinerType

cbl_mariner

cbl_mariner👁 13 Views

CVE-2020-12762 security vulnerability in json-c packag

Reporter	Title	Published	Views	Family All 217
IBM Security Bulletins	Security Bulletin: IBM MQ is affected by a vulnerability in json-c (CVE-2020-12762)	18 Dec 202014:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities.	26 Jun 202422:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	19 Jan 202313:54	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to using components with Known Vulnerabilities	25 Apr 202214:44	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in json-c may affect IBM Robotic Process Automation for Cloud Pak and result in arbitrary code execution (CVE-2020-12762).	12 Jan 202418:47	–	ibm
FreeBSD	json-c -- integer overflow and out-of-bounds write via a large JSON file	2 May 202000:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : libfastjson, libfastjson-devel (ALAS2023-2023-205)	8 Jun 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : json-c, json-c-devel (ALAS2023-2023-232)	28 Jun 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : json-c (ALAS-2020-1442)	2 Jul 202000:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libfastjson (ALAS-2023-2079)	8 Jun 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
CBL-Mariner	2.0	all	json-c	0.15-2	UNKNOWN

31 Jan 2025 16:07Current

8.3High risk

Vulners AI Score8.3

CVSS 26.8

CVSS 3.17.8

EPSS0.01888

SSVC

cve-2020-12762 security vulnerability json-c package versions less than 0.14-3 unix