66 matches found
MiracleLinux 8 : yajl-2.1.0-11.el8 (AXSA:2022-4173:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4173:02 advisory. yajl: heap-based buffer overflow when handling large inputs due to an integer overflow CVE-2022-24795 Tenable has extracted the preceding description block...
Linux Distros Unpatched Vulnerability : CVE-2022-24795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to...
Azure Linux 3.0 Security Update: rubygem-yajl-ruby (CVE-2022-24795)
The version of rubygem-yajl-ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24795 advisory. - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the...
CVE-2022-24795 affecting package rubygem-yajl-ruby for versions less than 1.4.3-1
CVE-2022-24795 affecting package rubygem-yajl-ruby for versions less than 1.4.3-1. An upgraded version of the package is available that resolves this issue...
RHEL 8 : yajl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - yajl: heap-based buffer overflow when handling large inputs due to an integer overflow CVE-2022-24795 -...
Moderate: Red Hat Security Advisory: yajl security update
An update for yajl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
RHEL 8 : yajl (RHSA-2024:2063)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2063 advisory. Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser written in ANSI C, and a small validating JSON generator. Securi...
CentOS 9 : yajl-2.1.0-21.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the yajl-2.1.0-21.el9 build changelog. - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow whic...
Rocky Linux 8 : yajl (RLSA-2022:7524)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7524 advisory. - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to...
Debian: Security Advisory (DLA-3516-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3516 : burp - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3516 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3516-1 [email protected]...
Fedora: Security Advisory for yajl (FEDORA-2023-852b377773)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : yajl (2023-852b377773)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-852b377773 advisory. Security fix for memory leaks leading to denial of service CVE-2023-33460. Security fix for integer overflow leading to heap corruption CVE-2022-247...
Ubuntu: Security Advisory (USN-6233-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6233-1: YAJL vulnerabilities
It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or automated system using YAJL were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service application...
Fedora 38 : yajl (2023-00572178e1)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-00572178e1 advisory. Security fix for memory leaks leading to denial of service CVE-2023-33460. Security fix for integer overflow leading to heap corruption CVE-2022-247...
Debian: Security Advisory (DLA-3492-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3492-1] yajl security update
Debian LTS Advisory DLA-3492-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost July 11, 2023 https://wiki.debian.org/LTS Package : yajl Version : 2.1.0-3+deb10u2 CVE ID : CVE-2017-16516 CVE-2022-24795 CVE-2023-33460 Debian Bug : 1040036 Multiple vulnerabilties have...
Amazon Linux 2 : yajl (ALAS-2023-2101)
The version of yajl installed on the remote host is prior to 2.0.4-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2101 advisory. yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer...
EulerOS Virtualization 3.0.6.0 : yajl (EulerOS-SA-2023-2217)
According to the versions of the yajl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an...