6 matches found
Security Bulletin: IBM DataPower Gateway vulnerable to a denial of service due to Jansson
Summary IBM DataPower Gateway uses Jansson as part of the On Demand Router ODR component Vulnerability Details CVEID:CVE-2013-6401 DESCRIPTION: Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to caus...
Fedora 20 : jansson-2.6-1.fc20 (2014-3778)
Florian Weimer of the Red Hat Product Security Team found that the hashing implementation in Jansson, a library for encoding, decoding and manipulating JSON data, was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause an application using Jansson to use an...
Fedora Update for jansson FEDORA-2014-3782
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for jansson FEDORA-2014-3778
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-6401
Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted JSON document...
CVE-2013-6401
CVE-2013-6401 affects Jansson (2.4 and earlier) with predictable hash collisions enabling context-dependent attackers to trigger a denial of service (CPU consumption) via crafted JSON. IBM DataPower Gateway (ODR component) uses Jansson and lists affected versions: 10.6CD 10.6.1.0–10.6.5.0; 10.5.0...