298 matches found

Veracode
added 2024/05/08 6:4 a.m. | 12 views

Use After Free

protobuf is vulnerable to a Use After Free. The vulnerability is due to improper handling of chunked JSON input, which causes the parser to attempt to read bytes from a chunk that has already been freed...

CVSS 7.6 | AI score 7 | EPSS 0.0005
Exploits 0 | References 2 | Affected Software 1

CNNVD
added 2024/05/03 12:0 a.m. | 1 views

Google protobuf security vulnerability

Google protobuf is a data exchange format from Google, Inc. A security vulnerability exists in Google protobuf, which stems from a security issue in the C++ JSON parser that, under certain circumstances, could cause the parser to copy freed data into an error message with malicious JSON input...

CVSS 9.8 | AI score 7.1 | EPSS 0.0005
Exploits 0 | References 3

RedHat Linux
added 2024/04/30 3:11 p.m. | 44 views

Moderate: Red Hat Security Advisory: yajl security update

An update for yajl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...

CVSS 6.5 | AI score 6.6 | EPSS 0.00204
Exploits 1 | References 2

RedHat Linux
added 2024/04/25 3:13 p.m. | 368 views

Moderate: Red Hat Security Advisory: yajl security update

An update for yajl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...

CVSS 7.5 | AI score 6.8 | EPSS 0.01863
Exploits 2 | References 3

Fedora
added 2024/04/23 1:15 a.m. | 18 views

[SECURITY] Fedora 40 Update: cjson-1.7.17-1.fc40

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file...

CVSS 7.5 | AI score 7.5 | EPSS 0.00224
Exploits 1

OpenVAS
added 2024/03/25 12:0 a.m. | 7 views

Fedora: Security Advisory for libre (FEDORA-2024-a63e807450)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits 0 | References 2

Fedora
added 2024/03/23 12:50 a.m. | 11 views

[SECURITY] Fedora 40 Update: libre-3.10.0-1.fc40

Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...

AI score 7.4
Exploits 0

RedHat Linux
added 2024/03/18 9:47 a.m. | 4 views

JSON-java: parser confusion leads to OOM

A flaw was found in the org.json package. A bug in the parser exists, and an input string may lead to undefined usage of memory, leading to an out-of-memory error, causing a denial of service (DoS)...

CVSS 7.5 | AI score 6.7 | EPSS 0.00677
Exploits 1 | References 6

OpenVAS
added 2024/03/08 12:0 a.m. | 12 views

Fedora: Security Advisory for fasterxml-oss-parent (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 9.2 | EPSS 0.46427
Exploits 3 | References 2

Fedora
added 2024/03/07 10:33 p.m. | 18 views

[SECURITY] Fedora 40 Update: fasterxml-oss-parent-58-2.fc40

FasterXML is the business behind the Woodstox streaming XML parser, Jackson streaming JSON parser, the Aalto non-blocking XML parser, and a growing family of utility libraries and extensions. FasterXML offers consulting services for adoption, performance tuning, and extension. This package contai...

CVSS 8.8 | AI score 6.9 | EPSS 0.46427
Exploits 3

RedHat Linux
added 2023/12/14 3:54 p.m. | 1 views

JSON-java: parser confusion leads to OOM

A flaw was found in the org.json package. A bug in the parser exists, and an input string may lead to undefined usage of memory, leading to an out-of-memory error, causing a denial of service (DoS)...

CVSS 7.5 | AI score 6.7 | EPSS 0.00677
Exploits 1 | References 6

RedHat Linux
added 2023/12/14 10:50 a.m. | 4 views

JSON-java: parser confusion leads to OOM

A flaw was found in the org.json package. A bug in the parser exists, and an input string may lead to undefined usage of memory, leading to an out-of-memory error, causing a denial of service (DoS)...

CVSS 7.5 | AI score 6.7 | EPSS 0.00677
Exploits 1 | References 6

Rockylinux
added 2023/11/28 10:43 p.m. | 25 views

yajl security update

An update is available for yajl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser...

CVSS 6.5 | AI score 6.9 | EPSS 0.00204
Exploits 1

OSV
added 2023/11/28 10:43 p.m. | 16 views

RLSA-2023:7057 Moderate: yajl security update

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460). For more details about the security issues, including the impact, a CVSS score,...

CVSS 6.5 | AI score 6.9 | EPSS 0.00204
Exploits 1 | References 2

AlmaLinux
added 2023/11/14 12:0 a.m. | 29 views

Moderate: yajl security update

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460). For more details about the security issues, including the impact, a CVSS score,...

CVSS 6.5 | AI score 6.9 | EPSS 0.00204
Exploits 1 | References 4

AlmaLinux
added 2023/11/07 12:0 a.m. | 23 views

Moderate: yajl security update

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460). For more details about the security issues, including the impact, a CVSS score,...

CVSS 6.5 | AI score 7.1 | EPSS 0.00204
Exploits 1 | References 4

OpenVAS
added 2023/07/28 12:0 a.m. | 20 views

Fedora: Security Advisory for yajl (FEDORA-2023-852b377773)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.3 | EPSS 0.01863
Exploits 3 | References 2

OpenVAS
added 2023/07/23 12:0 a.m. | 19 views

Fedora: Security Advisory for R-jsonlite (FEDORA-2023-0b0bb84049)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 7.1 | EPSS 0.00204
Exploits 1 | References 2

SUSE CVE
added 2023/07/15 2:18 a.m. | 3 views

SUSE CVE-2023-29451

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...

CVSS 7.5 | AI score 7.2 | EPSS 0.00134
Exploits 0 | References 3

AlpineLinux
added 2023/07/13 10:15 a.m. | 2 views

CVE-2023-29451

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...

CVSS 7.5 | AI score 7.4 | EPSS 0.00134
Exploits 0 | References 2