298 matches found
PT-2022-12099 · Reolink · Reolink Rlc-410W
Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The GetPtzSerial...
PT-2022-12094 · Reolink · Reolink Rlc-410W
Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The rtmp=start...
PT-2022-12105 · Reolink · Reolink Rlc-410W
Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The TestFtp para...
PT-2022-12098 · Reolink · Reolink Rlc-410W
Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The PtzCtrl para...
openSUSE 15 Security Update : jawn (openSUSE-SU-2022:0106-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0106-1 advisory. - Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override...
openSUSE 15 Security Update : jawn (openSUSE-SU-2022:0011-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0011-1 advisory. - Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override...
CVE-2022-21653
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
Code injection
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653 Hash collision in typelevel jawn
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653 Hash collision in typelevel jawn
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653 Hash collision in typelevel jawn
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653
CVE-2022-21653 affects the jawn JSON parser. Extenders of org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade that do not override objectContext() are vulnerable to a hash-collision DoS. The issue is fixed in jawn-parser-1.3.1; upgrading is advised. If upgrading isn’t possible, o...
Vulnerability fixed in Ngnix
F5 has fixed a vulnerability in NGINX. The vulnerability makes it possible to perform a denial-of-service attack by sending corrupt json data. The vulnerability is specifically in the JSON parser of the ModSecurity WAF module of NGINX Plus. F5 has made updates available to fix the vulnerability...
ModSecurity 安全漏洞
ModSecurity is an intrusion detection and blocking engine that can be run as a module of the Apache Web Server or as a standalone application to enhance the security of Web applications and protect Web applications from known and unknown attacks. A security vulnerability exists in the NGINX...
OSV-2021-1478 Uncaught exception in com.alibaba.fastjson.parser.DefaultJSONParser.parseObject
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40208 Crash type: Uncaught exception Crash state: com.alibaba.fastjson.parser.DefaultJSONParser.parseObject java.base/java.util.HashMap.tableSizeFor java.base/java.util.HashMap...
OSV-2021-1137 Uncaught exception in com.alibaba.fastjson.parser.DefaultJSONParser.parseObject
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37237 Crash type: Uncaught exception Crash state: com.alibaba.fastjson.parser.DefaultJSONParser.parseObject java.base/java.util.HashMap.tableSizeFor java.base/java.util.HashMap...
PT-2021-21109 · Unknown · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: Fluent Bit aka fluent-bit versions 1.7.0 through 1.7.4 Description: The issue is related to a double free in the flb free function, which is called from flb parser json do and flb parser do. Recommendations: For Fluent Bit aka fluent-bit...
UBUNTU-CVE-2021-31684
A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service DOS via a crafted web request...