135 matches found
USN-6629-3 ujson vulnerabilities
USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash...
USN-6629-3: UltraJSON vulnerabilities
USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash...
USN-6629-2: UltraJSON vulnerability
USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash...
USN-6629-2 ujson vulnerability
USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash...
USN-6629-1: UltraJSON vulnerabilities
It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2021-45958 Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An...
USN-6629-1 ujson vulnerabilities
It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2021-45958 Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An...
Ubuntu 16.04 LTS / 18.04 LTS / 22.04 LTS : UltraJSON vulnerabilities (USN-6629-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6629-1 advisory. It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly...
Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities
Summary IBM has addressed multiple vulnerabilities in IBM Spectrum Discover. Webpack loader-utils CVE-2022-37601 is vulnerable to execute arbitrary code on the system caused by a pollution flaw in parseQuery function. OpenStack Keystone CVE-2021-3563 is vulnerable to bypass security restriction...
SUSE CVE-2021-45958
UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation...
SUSE CVE-2022-31116
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...
SUSE CVE-2022-31117
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is...
MGASA-2022-0487 Updated python-ujson packages fix security vulnerability
Fixes len integer overflow issue. RHBZ2149975 Ultrajson doesn't build on webassembly e.g. pyodide because the version of double-conversion used is too old. This updates it to a newer version which supports webassembly...
PT-2022-37586 · Ultrajson · Ultrajson
Name of the Vulnerable Software and Affected Versions: ultrajson affected versions not specified Description: The issue concerns an integer overflow related to the len function. Additionally, there was a problem with ultrajson building on webassembly e.g., pyodide due to an outdated version of...
python-ujson: Potential double free of buffer during string decoding
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is...
python-ujson: improper decoding of escaped surrogate characters may lead to string corruption, key confusion or value overwriting
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...
python-ujson: improper decoding of escaped surrogate characters may lead to string corruption, key confusion or value overwriting
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...
python-ujson: Potential double free of buffer during string decoding
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is...
SUSE SLED15 / SLES15 Security Update : python-ujson (SUSE-SU-2022:2673-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2673-1 advisory. - UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected...
[SECURITY] Fedora 35 Update: python-ujson-5.4.0-1.fc35
UltraJSON is an ultra fast JSON encoder and decoder written in pure C with bindings for Python...
Fedora: Security Advisory for python-ujson (FEDORA-2022-1b2b8d5177)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...