17 matches found
Updated rapidjson packages fix security vulnerability
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
Medium: rapidjson
Issue Overview: Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this...
CVE-2024-39684
A flaw was found in the RapidJSON package. This flaw allows a local attacker to trigger an integer overflow via a specially crafted file, possibly leading to the escalation of privileges. Mitigation Mitigation for this issue is either not available or the currently available options do not meet t...
CVE-2024-38517
A flaw was found in rapidjson. Processing a crafted JSON text from a stream can cause an integer overflow in the GenericReader::ParseNumber function in the include/rapidjson/reader.h file, resulting in escalation of privileges. Mitigation Do not process or parse untrusted JSON text with rapidjson...
CVE-2024-39684
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
DEBIAN-CVE-2024-39684
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
AZL-43255 CVE-2024-39684 affecting package rapidjson for versions less than 1.1.0-8
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
UBUNTU-CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
CVE-2024-39684
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
CVE-2024-39684 Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Overflow
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
CVE-2024-39684 Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Overflow
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
CVE-2024-38517
CVE-2024-38517 : Tencent RapidJSON is vulnerable to a local privilege-escalation due to an integer underflow in the GenericReader::ParseNumber() function when parsing JSON text from a stream. A crafted file opened by the victim can trigger the underflow, enabling elevation of privileges. The vuln...
CVE-2024-38517 Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
Tencent RapidJSON Security Vulnerability
Tencent RapidJSON is a C++ rapid JSON parser/generator with SAX/DOM style API from Tencent, China. A security vulnerability exists in Tencent RapidJSON, which stems from an integer overflow vulnerability in the GenericReader::ParseNumber function in include/rapidjson/reader.h. An attacker can...
Tencent RapidJSON Security Vulnerability
Tencent RapidJSON is a C++ rapid JSON parser/generator with SAX/DOM style API from Tencent, China. A security vulnerability exists in Tencent RapidJSON, which stems from an integer underflow issue in the GenericReader::ParseNumber function in include/rapidjson/reader.h. An attacker could use this...
Integer Underflow
Overview Affected versions of this package are vulnerable to Integer Underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened, this triggers the integer...
Denial Of Service (DoS)
google.golang.org/protobuf is vulnerable to Denial Of Service DoS. The vulnerability exists due to the parseNumber function in decodenumber.go, which allows an attacker to cause an application crash by parsing a message starting with a number, then whitespace, then minus, then whitespace, such as...