77 matches found
Fedora: Security Advisory for python-ujson (FEDORA-2022-dbf6e00ba8)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: python-ujson-5.1.0-1.fc36
UltraJSON is an ultra fast JSON encoder and decoder written in pure C with bindings for Python...
Debian DLA-2929-1 : ujson - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2929 advisory. - UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount o...
Debian: Security Advisory (DLA-2929-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2929-1] ujson security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2929-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky February 26, 2022 https://wiki.debian.org/LTS -...
DLA-2929-1 ujson - security update
Bulletin has no description...
OSV-2021-1809 Heap-buffer-overflow in ujson.cpython-38-x86_64-linux-gnu.so
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44973 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ujson.cpython-38-x8664-linux-gnu.so ujson.cpython-38-x8664-linux-gnu.so ujson.cpython-38-x8664-linux-gnu.so...
aio-binance-library (>=2.0.1 <=2.0.6), async-icq (=1.1.10) +22 more potentially affected by unknown CVE via ujson (=5.1.0)
ujson PYPI version =5.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on ujson and may be impacted: - aio-binance-library =2.0.1, =1.0.0, =0.2.0, =0.7.0, =1.0.4, =0.7.0, =2.0.0, =2.0.2 and more Source cves: unknown CVE Source advisory: OSV:OSV-2021-18...
1942pyc (=7.0.1), 3robotics (=0.0.1) +3431 more potentially affected by CVE-2021-45958 via ujson (>=1.34.0 <=5.1.0)
ujson PYPI version =1.34.0, =0.11.0, =0.10.0, =0.10.0, =0.1.0, =0.1.0, =0.10.0, =0.11.0 - a-pandas-ex-intersection-difference =0.1.0 and more Source cves: CVE-2021-45958 Source advisory: OSV:GHSA-FH56-85CW-5PQ6...
CVE-2021-45958
UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation...
CVE-2021-45958
UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation...
1942pyc (=7.0.1), 3robotics (=0.0.1) +3271 more potentially affected by CVE-2021-45958 via ujson (>=4.0.2 <=5.12.1)
ujson PYPI version =4.0.2, =0.11.0, =0.10.0, =0.10.0, =0.1.0, =0.1.0, =0.10.0, =0.11.0 - a-pandas-ex-intersection-difference =0.1.0 and more Source cves: CVE-2021-45958 Source advisory: OSV:PYSEC-2022-25...
CVE-2021-45958
CVE-2021-45958 affects UltraJSON (ujson) up to version 5.1.0, with a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation could crash the application by using excessive indentation. Publicly documented references include Debian LTS (DLA-2929-1) and Mageia...
acg-feature-extractor (=0.0.2), aiographql-client (>=1.0.0 <=1.0.1) +32 more potentially affected by unknown CVE via ujson (>=2.0.1 <=2.0.3)
ujson PYPI version =2.0.1, =1.0.0, =0.0.0b13, =3.7.1, =3.0.2, =3.7.0, =1.2.0, =0.9.20, =0.3.0, =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:OSV-2021-955...
aio-fluid (>=0.1.0 <=0.2.2), aiohttp-rapid (=0.0.0) +122 more potentially affected by unknown CVE via ujson (>=4.0.0 <=4.3.0)
ujson PYPI version =4.0.0, =0.1.0, =0.8.2, =0.7.1a0, =0.8.0a1, =0.7.1, =0.7.1a3, =0.0.1.dev2, =0.1.7, =0.1.21, =0.0.4, =0.1.0b1, =3.1.0, =3.2.1 and more Source cves: unknown CVE Source advisory: OSV:OSV-2021-955...
1942pyc (=7.0.1), 3robotics (=0.0.1) +3219 more potentially affected by unknown CVE via ujson (>=5.0.0 <=5.1.0)
ujson PYPI version =5.0.0, =0.11.0, =0.10.0, =0.10.0, =0.1.0, =0.1.0, =0.10.0, =0.11.0 - a-pandas-ex-intersection-difference =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:OSV-2021-955...
abdelrahman-obfuscate (>=1.0.0 <=1.0.1), abdo (=2.0.0) +61 more potentially affected by unknown CVE via ujson (>=3.0.0 <=3.2.0)
ujson PYPI version =3.0.0, =1.0.0, =2.0.0, =1.1.5, =1.0.20, =0.3.6, =0.0.3, =0.0.1, =1.5.0, =0.0.0b14, =0.1.0, =0.4.2 and more Source cves: unknown CVE Source advisory: OSV:OSV-2021-955...