Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/12 9:4 p.m.6 views

Security Bulletin: IBM DataPower Gateway vulnerable to a denial of service due to Jansson

Summary IBM DataPower Gateway uses Jansson as part of the On Demand Router ODR component Vulnerability Details CVEID:CVE-2013-6401 DESCRIPTION: Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to caus...

5CVSS6.4AI score0.01969EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/03/25 12:0 a.m.23 views

Fedora 20 : jansson-2.6-1.fc20 (2014-3778)

Florian Weimer of the Red Hat Product Security Team found that the hashing implementation in Jansson, a library for encoding, decoding and manipulating JSON data, was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause an application using Jansson to use an...

5CVSS5.5AI score0.01969EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2014/03/25 12:0 a.m.22 views

Fedora Update for jansson FEDORA-2014-3782

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.01969EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/03/25 12:0 a.m.18 views

Fedora Update for jansson FEDORA-2014-3778

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.01969EPSS
Exploits0References2
OSV
OSV
added 2014/03/21 1:4 a.m.7 views

CVE-2013-6401

Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted JSON document...

6.5AI score
Exploits0References4
CVE
CVE
added 2014/03/20 6:0 p.m.46 views

CVE-2013-6401

CVE-2013-6401 affects Jansson (2.4 and earlier) with predictable hash collisions enabling context-dependent attackers to trigger a denial of service (CPU consumption) via crafted JSON. IBM DataPower Gateway (ODR component) uses Jansson and lists affected versions: 10.6CD 10.6.1.0–10.6.5.0; 10.5.0...

5CVSS6.3AI score0.01969EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder