421 matches found

OSV
added 2024/10/25 11:09 a.m., 1 view

OESA-2024-2302 cjson security update

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...

CVSS 7.5 | AI score 7.4 | EPSS 0.00224
Exploits: 2 | References: 3
OSV
added 2024/10/25 11:09 a.m., 3 views

OESA-2024-2303 cjson security update

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...

CVSS 7.5 | AI score 7.4 | EPSS 0.00224
Exploits: 2 | References: 3
OpenVAS
added 2024/10/07 12:00 a.m., 8 views

Mageia: Security Advisory (MGASA-2024-0324)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.6 | AI score 7.5 | EPSS 0.02498
Exploits: 1 | References: 4
OSV
added 2024/10/04 5:27 a.m., 5 views

MGASA-2024-0324 Updated cjson packages fix security vulnerability

cJSON was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. CVE-2024-31755...

CVSS 7.6 | AI score 7.4 | EPSS 0.02498
Exploits: 1 | References: 3
Mageia
added 2024/10/04 5:27 a.m., 13 views

Updated cjson packages fix security vulnerability

cJSON was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. CVE-2024-31755...

CVSS 7.6 | AI score 7.7 | EPSS 0.02498
Exploits: 1 | References: 2
Fedora
added 2024/10/02 1:33 a.m., 12 views

[SECURITY] Fedora 41 Update: cjson-1.7.18-1.fc41

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file...

CVSS 7.6 | AI score 7.2 | EPSS 0.02498
Exploits: 1
OpenVAS
added 2024/09/30 12:00 a.m., 12 views

Fedora: Security Advisory (FEDORA-2024-5db248f2a0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.6 | AI score 7.1 | EPSS 0.02498
Exploits: 1 | References: 5
Fedora
added 2024/09/29 1:38 a.m., 11 views

[SECURITY] Fedora 40 Update: cjson-1.7.18-1.fc40

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file...

CVSS 7.6 | AI score 6.7 | EPSS 0.02498
Exploits: 1
OSV
added 2024/08/22 7:44 p.m., 21 views

BIT-VALKEY-2022-24834 Heap overflow issue with the Lua cjson library used by Redis

Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...

CVSS 8.8 | AI score 8.1 | EPSS 0.45527
Exploits: 1 | References: 5
OSV
added 2024/08/22 7:27 p.m., 22 views

BIT-KEYDB-2022-24834 Heap overflow issue with the Lua cjson library used by Redis

Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...

CVSS 8.8 | AI score 8.1 | EPSS 0.45527
Exploits: 1 | References: 5
Redos
added 2024/07/29 12:00 a.m., 15 views

ROS-20240729-13

Vulnerability of the cJSON_InsertItemInArray function of the JSON-C library for JSON processing is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

CVSS 7.5 | AI score 6.7 | EPSS 0.00224
Exploits: 1
Redos
added 2024/07/26 12:00 a.m., 18 views

ROS-20240726-03

A vulnerability in the cjson and cmsgpack libraries of the Redis database management system (DBMS) is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted Lua...

CVSS 8.8 | AI score 7.3 | EPSS 0.45527
Exploits: 1
Tenable Nessus
added 2024/07/12 12:00 a.m., 37 views

RHEL 8 : redis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - redis: Code injection via Lua script execution environment CVE-2022-24735 - redis: heap overflow in the l...

CVSS 8.8 | AI score 10 | EPSS 0.60647
Exploits: 6 | References: 13
Microsoft CVE
added 2024/06/30 2:00 p.m., 3 views

cJSON before 1.7.11 allows out-of-bounds access related to \x00 in a string literal.

...

CVSS 9.8 | AI score 9.3 | EPSS 0.00586
Exploits: 1
Microsoft CVE
added 2024/06/30 2:00 p.m., 2 views

cJSON before 1.7.11 allows out-of-bounds access related to multiline comments.

...

CVSS 9.8 | AI score 9.3 | EPSS 0.00633
Exploits: 1
OSV
added 2024/06/15 12:00 a.m., 12 views

OPENSUSE-SU-2024:13537-1 cJSON-devel-1.7.17-1.1 on GA media

These are all security issues fixed in the cJSON-devel-1.7.17-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 5.7 | EPSS 0.00224
Exploits: 2 | References: 2
OSV
added 2024/06/15 12:00 a.m., 6 views

OPENSUSE-SU-2024:14021-1 cJSON-devel-1.7.18-1.1 on GA media

These are all security issues fixed in the cJSON-devel-1.7.18-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.6 | AI score 7.4 | EPSS 0.02498
Exploits: 1 | References: 1
Tenable Nessus
added 2024/06/03 12:00 a.m., 26 views

RHEL 8 : redis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - redis: Redis SORT_RO may bypass ACL configuration CVE-2023-41053 Note that Nessus has not tested for this issue but...

CVSS 3.3 | AI score 6.9 | EPSS 0.00824
Exploits: 0 | References: 1
OpenVAS
added 2024/05/27 12:00 a.m., 14 views

Fedora: Security Advisory (FEDORA-2024-74563262c0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.5 | EPSS 0.00224
Exploits: 1 | References: 4
Tenable Nessus
added 2024/05/27 12:00 a.m., 25 views

openSUSE 15 Security Update : cJSON (openSUSE-SU-2024:0139-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0139-1 advisory. - Update to 1.7.18: CVE-2024-31755: NULL pointer dereference via cJSON_SetValuestring (boo#1223420) Remove non-functional list handling of compiler...

CVSS 7.6 | AI score 6.5 | EPSS 0.02498
Exploits: 3 | References: 10