SUSE CVE-2013-6371
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions...
Mageia: Security Advisory (MGASA-2014-0175)
The remote host is missing an update for the...
Oracle: Security Advisory (ELSA-2014-0703)
The remote host is missing an update for the...
Mandriva Linux Security Advisory : json-c (MDVSA-2015:102)
Updated json-c packages fix security vulnerabilities: Florian Weimer reported that the printbuf APIs used in the json-c library used ints for counting buffer lengths, which is inappropriate for 32bit architectures. These functions need to be changed to using size_t if possible for sizes, or to be...
IBM DB2 10.5 < Fix Pack 4 Multiple Vulnerabilities
According to its version, the installation of IBM DB2 10.5 running on the remote host is affected by the following vulnerabilities: - An error exists related to JavaScript Object Notation (JSON-C) handling, string parsing, and the hash function that allows denial of service attacks. (CVE-2013-6371) ...
RHEL 7 : json-c (RHSA-2014:0703)
Updated json-c packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
Oracle Linux 7 : json-c (ELSA-2014-0703)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0703 advisory. - fix hash collision CVE-2013-6371 - fix buffer overflow CVE-2013-6370 Tenable has extracted the preceding description block directly from the Oracle...
json-c security update
0.11-4 - fix hash collision CVE-2013-6371 - fix buffer overflow CVE-2013-6370 - enable upstream test suite...
RedHat Update for json-c RHSA-2014:0703-01
The remote host is missing an update for the...
Ubuntu 14.04 LTS : json-c vulnerabilities (USN-2245-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2245-1 advisory. Florian Weimer discovered that json-c incorrectly handled buffer lengths. An attacker could use this issue with a specially-crafted large JSON document t...
openSUSE Security Update : json-c (openSUSE-SU-2014:0558-1)
This json-c update fixes the following two security issues: - bnc#870147: Fixed buffer overflow if size_t is larger than int (CVE-2013-6370). - bnc#870147: Fixed possible hash collision DoS (CVE-2013-6371).
USN-2245-1 json-c vulnerabilities
Florian Weimer discovered that json-c incorrectly handled buffer lengths. An attacker could use this issue with a specially-crafted large JSON document to cause json-c to crash, resulting in a denial of service. (CVE-2013-6370) Florian Weimer discovered that json-c incorrectly handled hash arrays. ...
Moderate: Red Hat Security Advisory: json-c security update
Updated json-c packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
Fedora 19 : json-c-0.11-6.fc19 (2014-4975)
Address CVE-2013-6370 and CVE-2013-6371. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
DEBIAN-CVE-2013-6371
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions...
CVE-2013-6371
CVE-2013-6371 affects json-c prior to 0.12. The issue is a hash collision denial-of-service in the JSON-C hash function used during string parsing, allowing an attacker to cause high CPU/DoS with crafted JSON data. Public advisories (Red Hat RHSA-2014:0703, Oracle/OpenSUSE/NASL/Mandriva entries,...
CVE-2013-6371
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions...
Fedora 20 : json-c-0.11-6.fc20 (2014-5006)
Address CVE-2013-6370 and CVE-2013-6371. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Mandriva Linux Security Advisory : json-c (MDVSA-2014:079)
Updated json-c packages fix security vulnerabilities: Florian Weimer reported that the printbuf APIs used in the json-c library used ints for counting buffer lengths, which is inappropriate for 32bit architectures. These functions need to be changed to using size_t if possible for sizes, or to be...
Updated json-c packages fix security vulnerabilities
Updated json-c packages fix security vulnerabilities: Florian Weimer reported that the printbuf APIs used in the json-c library used ints for counting buffer lengths, which is inappropriate for 32bit architectures. These functions need to be changed to using size_t if possible for sizes, or to be...