AZL-45423 CVE-2024-39684 affecting package opencc 1.1.1-3

Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...

AZL-43315 CVE-2024-39684 affecting package ceph for versions less than 16.2.10-5

Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h file. An attacker can elevate privileges by sending a crafted file that triggers the overflow when parsed. Remediation There is...

PT-2023-14682 · Json.H · Json.H

Name of the Vulnerable Software and Affected Versions: sheredom json.h versions prior to commit 0825301a07cbf51653882bf2b153cc81fdadf41 Description: The issue is related to a buffer overflow vulnerability in the json parse number function. This vulnerability allows attackers to execute arbitrary...