137 matches found
fastest-json-copy Security Vulnerability
fastest-json-copy is a library by individual developer Vadim Dalecky, used for JSON deep cloning. A security vulnerability exists in fastest-json-copy version 1.0.1, which stems from the application not properly validating incoming JSON keys...
Uncaught Exception leading to Denial of Service in json-sanitizer
OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations...
OWASP json-sanitizer Input Validation Error Vulnerability
OWASP json-sanitizer is a Java-based code library from the OWASP Foundation that generates data in JSON format from JSON-like text content. An input validation error vulnerability exists in OWASP json-sanitizer prior to version 1.2.2, which stems from the fact that a...
CVE-2021-23900
The CVE-2021-23900 entry concerns OWASP json-sanitizer before 1.2.2, where crafted input can cause invalid JSON output or an undeclared exception, potentially leading to DoS. Connected sources (Red Hat, GHSA, OSV, CNVD, CVE listings) confirm the same core issue affecting json-sanitizer prior to 1...
Denial of service attack due to invalid JSON
Impact: A denial of service attack against Matrix clients can be exploited by sending an event including invalid JSON data to Synapse. Synapse would relay the data to clients which could crash or hang. Impact is long-lasting if the event is made part of the room state. Patches: At a minimum 8106 an...
GHSA-4MP3-385R-V63F Denial of service attack due to invalid JSON
Impact: A denial of service attack against Matrix clients can be exploited by sending an event including invalid JSON data to Synapse. Synapse would relay the data to clients which could crash or hang. Impact is long-lasting if the event is made part of the room state. Patches: At a minimum 8106 an...
Apache Mesos libprocess Denial of Service Vulnerability
Apache Mesos is open source cluster management software from the Apache Software Foundation (United States) that supports application architectures such as Hadoop, ElasticSearch and Spark. libprocess is one of its underlying network communication libraries. A security vulnerabilit...
ALPINE-CVE-2017-15098
Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...
Denial Of Service (DoS)
github.com/kubernetes/kubernetes is vulnerable to denial of service attacks. These attacks can be triggered by invalid JSON data. The invalid JSON data causes github.com/kubernetes/kubernetes to panic and cause a nil pointer dereference, which crashes the master process. This is related to...
DEBIAN-CVE-2016-5705
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error messa...
UBUNTU-CVE-2016-5705
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error messa...
CVE-2016-5705
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error messa...
CVE-2011-2532
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated data...
DEBIAN-CVE-2011-2532
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated data...