CLSA-2026-1777944852 vim: Fix of 2 CVEs

CVE-2021-3984: in findstartbrace misc1.c, when a found '' lies inside a comment, restore the full cursor position line and column instead of only the line so subsequent C-indent lookups stay within the line bounds. - CVE-2022-2571: in inscomplgetexp edit.c, when CONTADDING is active, only advance...

CLSA-2026-1777444367 vim: Fix of 9 CVEs

CVE-2021-3903: do not set VALIDBOTLINE in wvalid when the screen is not valid, preventing invalid memory access while scrolling. - CVE-2021-4069: copy the current line before regexec in exopen so the match is not using freed memory when searching for a mark flushes it. - CVE-2022-0351: limit...

USN-8219-1 ujson vulnerabilities

Cameron Criswell discovered that UltraJSON contained a memory leak that would occur when parsing large integers. An attacker could possibly use this issue to cause UltraJSON to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS...

CLSA-2026-1777389760 vim: Fix of 9 CVEs

CVE-2021-3903: do not set VALIDBOTLINE in wvalid when the screen is not valid, preventing invalid memory access while scrolling. - CVE-2021-4069: copy the current line before regexec in exopen so the match is not using freed memory when searching for a mark flushes it. - CVE-2022-0351: limit...

[SECURITY] Fedora 44 Update: kf6-ktexteditor-6.25.0-1.fc44

KTextEditor provides a powerful text editor component that you can embed in y our application, either as a KPart or using the KF6::TextEditor library if you n eed more control. The text editor component contains many useful features, from syntax highlighting and automatic indentation to advanced...

CVE-2026-32875

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent...

CVE-2026-32875

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent...

CVE-2026-32875

CVE-2026-32875 affects UltraJSON (Python bindings) and is evidenced across multiple feeds (Fedora advisories, IBM bulletin). The vulnerability resides in versions 5.10–5.11.0 where large indent handling can trigger an integer overflow/underflow when calculating memory for indentation, leading to ...

UltraJSON 安全漏洞

UltraJSON is an open-source, ultra-fast JSON encoder and decoder written in pure C language, and compatible with Python 3.7+. Versions of UltraJSON 5.11.0 and earlier contained security vulnerabilities; these vulnerabilities stemmed from buffer overflows or infinite loops during processing of lar...

CVE-2026-32875

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent...

Linux Distros Unpatched Vulnerability : CVE-2026-32875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or...

PT-2026-26093

Name of the Vulnerable Software and Affected Versions UltraJSON versions 5.10 through 5.11.0 Description UltraJSON, a fast JSON encoder and decoder written in C, is susceptible to a buffer overflow or infinite loop when processing large indent values. Specifically, the ujson.dumps function can...

UBUNTU-CVE-2022-50518

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix locking in pdciodcprint firmware call Utilize pdclock spinlock to protect parallel modifications of the iodcdbuf buffer, check length to prevent buffer overflow of iodcdbuf, drop the iodcretbuf buffer and fix some wro...

CVE-2022-50518 parisc: Fix locking in pdc_iodc_print() firmware call

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix locking in pdciodcprint firmware call Utilize pdclock spinlock to protect parallel modifications of the iodcdbuf buffer, check length to prevent buffer overflow of iodcdbuf, drop the iodcretbuf buffer and fix some wro...

cups-filters security update

1.20.0-35.0.1 - header/footer not being printed in banner page. Orabug: 28265099 [email protected] - Fixes Orabug: 29163824 source indentation not following convention [email protected] 1.20.0-35 - CVE-2024-47175 cups-filters: remote command injection via attacker controlled data in PPD...

USN-6629-3 ujson vulnerabilities

USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash...

USN-6629-1 ujson vulnerabilities

It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2021-45958 Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An...

cups-filters security update

1.28.7-11.0.1 - header/footer not being printed in banner page. Orabug: 28265099 [email protected] - Fixes Orabug: 29163824 source indentation not following convention [email protected] 1.28.7-11.1 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend...

cups-filters security update

1.20.0-29.0.1 - header/footer not being printed in banner page. Orabug: 28265099 [email protected] - Fixes Orabug: 29163824 source indentation not following convention [email protected] 1.20.0-29.2 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend...

SUSE CVE-2021-45958

UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation...