Tencent RapidJSON Security Vulnerability

Tencent RapidJSON is a C++ rapid JSON parser/generator with SAX/DOM style API from Tencent, China. A security vulnerability exists in Tencent RapidJSON, which stems from an integer underflow issue in the GenericReader::ParseNumber function in include/rapidjson/reader.h. An attacker could use this...

Integer Underflow

Overview Affected versions of this package are vulnerable to Integer Underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened, this triggers the integer...

PT-2024-5552 · Tencent +4 · Rapidjson +4

Name of the Vulnerable Software and Affected Versions: Tencent RapidJSON affected versions not specified Description: The issue is related to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. This can be exploited b...

OPENSUSE-SU-2024:13780-1 python310-python-rapidjson-1.16-1.1 on GA media

These are all security issues fixed in the python310-python-rapidjson-1.16-1.1 package on the GA media of openSUSE Tumbleweed...

Malicious code in rapidjson (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d8cde70e5ebdf9f1f3ca47531c69bd833ee151e87b26e71cab845eba16fdbe4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5590 Malicious code in rapidjson (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d8cde70e5ebdf9f1f3ca47531c69bd833ee151e87b26e71cab845eba16fdbe4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV-2021-1384 UNKNOWN WRITE in rapidjson::PrettyWriter<rapidjson::GenericStringBuffer<rapidjson::UTF8<char>, ra

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39337 Crash type: UNKNOWN WRITE Crash state: rapidjson::PrettyWriter, ra bool rapidjson::GenericValue, rapidjson::MemoryPoolAllocat bool rapidjson::GenericValue, rapidjson::MemoryPoolAllocat...

rapidjson:fuzzer: Crash in void rapidjson::PutN<rapidjson::GenericStringBuffer<rapidjson::UTF8<char>, rapid

Detailed Report: https://oss-fuzz.com/testcase?key=5737460289503232 Project: rapidjson Fuzzing Engine: libFuzzer Fuzz Target: fuzzer Job Type: libfuzzerasani386rapidjson Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x4f5cf10a Crash State: void rapidjson::PutN, rapid...

osquery:osqueryfuzz-config: Crash in bool rapidjson::GenericValue<rapidjson::UTF8<char>, rapidjson::MemoryPoolAllocat

Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5684053100986368 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-config Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x01807fff8001...

osquery:osqueryfuzz-config: Crash in rapidjson::internal::FastPath

Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5751874325577728 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-config Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x0001000c821b...

Tencent RapidJSON Buffer Error Vulnerability

Tencent RapidJSON is a C++-based JSON parser/generator . A buffer overflow vulnerability exists in the 'Peek' function of the stream.h file in Tencent RapidJSON version 1.1.0. An attacker can exploit this vulnerability to cause an out-of-bounds read...

skia/skottie_json: Crash in rapidjson::internal::Pow10

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=4735000405606400 Project: skia Fuzzer: libFuzzerskiaskottiejson Fuzz target binary: skottiejson Job Type: libfuzzerasanskia Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000100280ae1...