119 matches found
CVE-2023-50268
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue...
CVE-2023-50246
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue...
CVE-2023-50268
CVE-2023-50268 concerns jq, a command-line JSON processor. Multiple sources confirm: jq 1.7 is vulnerable to a stack-based buffer overflow in builds using decNumber; a patch is included in version 1.7.1. Practical impact is not elaborated beyond the buffer overflow description in the provided doc...
CVE-2023-50268
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue...
CVE-2023-50268
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue...
CVE-2023-50246 jq has heap-buffer-overflow vulnerability in the function decToString in decNumber.c
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue...
CVE-2023-50246 jq has heap-buffer-overflow vulnerability in the function decToString in decNumber.c
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue...
CVE-2023-50246
CVE-2023-50246 affects jq (command-line JSON processor). The connected OSSV entry specifies a heap-based buffer overflow in the decToString function of decNumber.c affecting version 1.7, with a patch released in version 1.7.1. The description confirms the vulnerability class and the fix, but does...
CVE-2023-50246
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue...
jq Security Vulnerabilities
jq is an open-source, lightweight and flexible command-line JSON processor from jqlang. A security vulnerability exists in jq version 1.7, which stems from the function decToString in decNumber.c being susceptible to a heap-based buffer overflow...
jq Security Vulnerabilities
jq is an open-source, lightweight and flexible command-line JSON processor from jqlang. A security vulnerability exists in jq version 1.7 that stems from the use of decNumber builds vulnerable to stack-based buffer overflows...
Atlassian Jira Service Management Data Center and Server 4.20.x < 4.20.27 / 5.4.x < 5.4.11 (JSDSERVER-14746)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-14746 advisory. - Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON...
Debian dla-3373 : libjson-smart-java - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3373 advisory. - Debian LTS Advisory DLA-3373-1...
CVE-2023-1370
Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...
CVE-2023-1370
Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...
CVE-2023-1370
Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...
Stack overflow
Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...
CVE-2023-1370 Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON
Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...
CVE-2023-1370
Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...
CVE-2023-1370
The CVE-2023-1370 entry concerns Netplex Json-smart, a JSON processing library. Public materials in the connected docs confirm a stack-exhaustion (DoS) due to unbounded nesting when parsing nested arrays/objects in JSON input, caused by recursive parsing. Affected version range is 2.5.0 through 2...