259 matches found
json-c bug fix and enhancement update
An update is available for json-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...
pfSense 2.4.x < 2.4.5-p1 Multiple Vulnerabilities
According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.5-p1. It is, therefore, affected by the following vulnerabilities in its subcomponents: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an 'NXNSAttack' issue...
Security Bulletin: IBM MQ is affected by a vulnerability in json-c (CVE-2020-12762)
Summary An applicable vulnerability was found in the json-c library that is bundled with MQ server and native client installations. Vulnerability Details CVEID: CVE-2020-12762 DESCRIPTION: json-c could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow...
EulerOS Virtualization 3.0.2.2 : json-c (EulerOS-SA-2020-2189)
According to the version of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by...
Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2020-2189)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2020-2084)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : json-c (EulerOS-SA-2020-2084)
According to the version of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbufmemappend.CVE-2020-12762 Note...
CVE-2020-12762 affecting package json-c 0.14-3
CVE-2020-12762 affecting package json-c 0.14-3. A patched version of the package is available...
EulerOS Virtualization for ARM 64 3.0.2.0 : json-c (EulerOS-SA-2020-1985)
According to the version of the json-c package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A flaw was found in json-c. In printbufmemappend, certain crafted values can overflow the memory allowing an attacker to...
Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2020-1985)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-4741-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arbitrary Code Execution
json-c is vulnerable to arbitrary code execution. The vulnerability exists through an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbufmemappend...
Debian DSA-4741-1 : json-c - security update
Tobias Stoeckmann discovered an integer overflow in the json-c JSON library, which could result in denial of service or potentially the execution of arbitrary code if large malformed JSON files are processed. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
[SECURITY] [DSA 4741-1] json-c security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4741-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 05, 2020 https://www.debian.org/security/faq -...
DSA-4741-1 json-c - security update
Bulletin has no description...
Debian DLA-2301-1 : json-c security update
Tobias Stoeckmann found an integer overflow issue in JSON-C, a C library to manipulate JSON objects, when reading maliciously crafted large files. The issue could be exploited to cause denial of service or possibly execute arbitrary code. For Debian 9 stretch, this problem has been fixed in versi...
Debian: Security Advisory (DLA-2301-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2301-1] json-c security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2301-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 30, 2020 https://wiki.debian.org/LTS -...
DLA-2301-1 json-c - security update
Bulletin has no description...
Security fix for the ALT Linux 9 package json-c version 0.13.1-alt2
0.13.1-alt2 built July 8, 2020 Alexey Shabalin in task 254507 --- July 4, 2020 Alexey Shabalin - Update to json-c-0.13 branch ee9f67c81a3c2a44557f0cc16dc136c140293252 - Fixes: CVE-2020-12762...