70 matches found
CVE-2019-10691
The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username...
CVE-2019-10691
CVE-2019-10691 affects Dovecot, where the JSON encoder in versions prior to 2.3.5.2 can be triggered by an invalid UTF-8 sequence as the username, causing repeated crashes of the authentication service. Connected docs corroborate this with references to Dovecot versions and the vulnerability desc...
USN-3951-1: Dovecot vulnerability
It was discovered that the Dovecot JSON encoder incorrectly handled certain invalid UTF-8 characters. A remote attacker could possibly use this issue to cause Dovecot to repeatedly crash, resulting in a denial of service...
FreeBSD : dovecot -- json encoder crash (a64aa22f-61ec-11e9-85b9-a4badb296695)
Aki Tuomi reports : CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject...
CVE-2019-10691
The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username...
CVE-2019-10691
The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username...
dovecot -- json encoder crash
Aki Tuomi reports: CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject...
Nextcloud Server 'JSON Encoder' Security Bypass Vulnerability
Nextcloud Server is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Improper validation of data passed to JSON encoder (NC-SA-2018-006)
Improper validation of input allowed an attacker to not have their actions logged to the audit log...
[SECURITY] Fedora 19 Update: python-simplejson-3.5.3-1.fc19
simplejson is a simple, fast, complete, correct and extensible JSON encoder and decoder for Python 2.5+. It is pure Python co de with no dependencies, but includes an optional C extension for a serious sp eed boost. The encoder may be subclassed to provide serialization in any kind of situation,...