Lucene search
K

159 matches found

OSV
OSV
added 2026/03/20 1:35 a.m.6 views

CVE-2026-32875 UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent...

7.5CVSS6.3AI score0.00469EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/03/20 1:35 a.m.50 views

CVE-2026-32875 UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent...

7.5CVSS0.00469EPSS
Exploits1References3
OSV
OSV
added 2026/03/18 1:1 p.m.3 views

GHSA-C8RR-9GXC-JPRV UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop

Summary ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent parameter and the nested depth of the input exceeds INT32MAX. It can also get stuck in an infinite loop if the indent is a large negative number. Both are caused by an integer overflow/underflow...

7.5CVSS6AI score0.00469EPSS
Exploits1References5
Snyk
Snyk
added 2026/03/18 1:1 p.m.7 views

Integer Overflow or Wraparound

Overview ujson is an Ultra fast JSON encoder and decoder for Python Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the indent parameter in the dumps, dump, or encode functions. An attacker can cause a crash or infinite loop by supplying large or negative...

8.2CVSS5.8AI score0.00469EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/18 1:1 p.m.7 views

UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop

Summary ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent parameter and the nested depth of the input exceeds INT32MAX. It can also get stuck in an infinite loop if the indent is a large negative number. Both are caused by an integer overflow/underflow...

7.5CVSS6AI score0.00469EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: indent (CVE-2023-40305)

The version of indent installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40305 advisory. - GNU indent 2.2.13 has a heap-based buffer overflow in searchbrace in indent.c via a crafted file...

5.5CVSS6AI score0.00424EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-44897

Malicious code in bioql PyPI...

5.5CVSS5.4AI score0.00424EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-0348

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.0155EPSS
Exploits1References20
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-40305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU indent 2.2.13 has a heap-based buffer overflow in searchbrace in indent.c via a crafted file. CVE-2023-40305 Note that Nessus relies on the presence of the...

5.5CVSS5.8AI score0.00424EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-0911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigge...

5.5CVSS6.2AI score0.00312EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/05/15 9:13 p.m.11 views

CVE-2023-40305 affecting package indent for versions less than 2.2.13-1

CVE-2023-40305 affecting package indent for versions less than 2.2.13-1. A patched version of the package is available...

5.5CVSS7AI score0.00424EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/03/14 7:0 a.m.2 views

GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.

...

5.5CVSS5.5AI score0.00424EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/24 12:0 a.m.17 views

EulerOS 2.0 SP8 : indent (EulerOS-SA-2024-2474)

According to the versions of the indent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted...

5.5CVSS5.8AI score0.00312EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/09/23 12:0 a.m.7 views

Huawei EulerOS: Security Advisory for indent (EulerOS-SA-2024-2474)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00312EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/07/22 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for indent (EulerOS-SA-2024-2036)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00312EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.19 views

EulerOS 2.0 SP8 : indent (EulerOS-SA-2024-2036)

According to the versions of the indent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted...

5.5CVSS5.8AI score0.00312EPSS
Exploits0References2
OSV
OSV
added 2024/06/15 12:0 a.m.7 views

OPENSUSE-SU-2024:13700-1 indent-2.2.13-3.1 on GA media

These are all security issues fixed in the indent-2.2.13-3.1 package on the GA media of openSUSE Tumbleweed...

5.5CVSS5.5AI score0.00312EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/04/15 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2024-0122)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.6AI score0.00312EPSS
Exploits0References4
OSV
OSV
added 2024/04/12 8:45 p.m.6 views

MGASA-2024-0122 Updated indent packages fix security vulnerability

A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash. CVE-2024-0911...

5.5CVSS6.6AI score0.00312EPSS
Exploits0References3
Mageia
Mageia
added 2024/04/12 8:45 p.m.49 views

Updated indent packages fix security vulnerability

A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash. CVE-2024-0911...

5.5CVSS7.2AI score0.00312EPSS
Exploits0References2
Rows per page
Query Builder