PT-2023-18840 · Unknown · Barenboim Json-Parser
Name of the Vulnerable Software and Affected Versions: Barenboim json-parser versions 1.1.0 and earlier Description: The issue allows an attacker to execute arbitrary code via the json value parse function. This is a result of a Buffer OverFlow Vulnerability in the Barenboim json-parser...
CVE-2023-23088
Buffer OverFlow Vulnerability in Barenboim json-parser master and v1.1.0 fixed in v1.1.1 allows an attacker to execute arbitrary code via the jsonvalueparse function...
[SECURITY] [DSA 5312-1] libjettison-java security update
Debian Security Advisory DSA-5312-1 · https://www.debian.org/security/ · Markus Koschany · January 11, 2023 · https://www.debian.org/security/faq -...
json-smart: Denial of Service in JSONParserByteArray function
A flaw was found in the json-smart package in the JSONParserByteArray. This flaw allows an attacker to cause a denial of service...
yajl security update
An update is available for yajl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Yet Another JSON Library (YAJL) is a small event-driven SAX-style JSON parser...
Moderate: yajl security update
Yet Another JSON Library (YAJL) is a small event-driven SAX-style JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795). For more details about the security issues,...
Moderate: Red Hat Security Advisory: yajl security update
An update for yajl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
RLSA-2022:7524 Moderate: yajl security update
Yet Another JSON Library (YAJL) is a small event-driven SAX-style JSON parser written in ANSI C and a small validating JSON generator. Security Fixes: yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795). For more details about the security issues,...
CVE-2022-23460
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized ASAN build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the...
CVE-2022-23460 Stack overflow in Jsonxx
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized ASAN build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the...
CVE-2022-23460
Jsonxx/Json++ (C++) has a stack-exhaustion vulnerability in the json parsing path, potentially causing Denial of Service on affected builds. The issue is observed in the current commit and is associated with ASAN builds; the project is archived and updates are not expected. Several sources (NVD, ...
CVE-2022-23460 Stack overflow in Jsonxx
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized ASAN build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the...
CVE-2022-23459
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer types which may poin...
Double free
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer types which may poin...
CVE-2022-23459 Double free or Use after Free in Value class of Jsonxx
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer types which may poin...
CVE-2022-23459
CVE-2022-23459 concerns the jsonxx/Json++ C++ JSON parser. The vulnerability arises in the Value class: its default assignment operator may be used with pointer types that reference data which is not updated, enabling memory corruption via double free or use-after-free. Multiple connected sources...
Jsonxx security vulnerability
Jsonxx is a lightweight Json parser, writer, and reader written in C++ by the individual developer Hong Jiang in China. A security vulnerability exists in Jsonxx, which stems from the fact that json parsing can lead to stack exhaustion in address sanitization ASAN builds, and can be exploited by ...
yajl bug fix and enhancement update
An update is available for yajl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Yet Another JSON Library (YAJL) is a small event-driven SAX-style JSON parser...
Fastjson code execution vulnerability
Fastjson is a Java-based fast JSON parser/generator. Versions prior to Fastjson 1.2.83 have a security vulnerability that stems from the ease of bypassing the default autoType off restriction to deserialize untrusted data, which is exploited by attackers to cause code execution...
CVE-2022-31018
CVE-2022-31018 affects Play Framework forms library (versions 2.8.3–2.8.15) for Java/Scala. The vulnerability is triggered when binding deeply nested JSON via Form.bindFromRequest or Form.bind on a JSON value, which may exhaust heap memory and crash the app (OutOfMemoryError) if run on the defaul...