9 matches found
Astra Linux – Vulnerability in ujson
UltraJSON is a fast JSON encoder and decoder written in pure C, with bindings for Python 3.7+. It was found that affected versions incorrectly decoded certain characters. JSON strings containing escaped surrogate characters that were not part of a valid surrogate pair were decoded incorrectly. Th...
PT-2026-23623
A vulnerability was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument error description results in cross site scripting. The...
EUVD-2022-6334
Malicious code in bioql PyPI...
GHSA-9RCW-C2F9-2J55 OpenZeppelin Contracts Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers
Impact The lastIndexOfbytes,byte,uint256 function of the Bytes.sol library may access uninitialized memory when the following two conditions hold: 1 the provided buffer length is empty i.e. buffer.length == 0 and position is not 2256 - 1 i.e. pos != typeuint256.max. The pos argument could be used...
Improper Input Validation
Overview org.apache.poi:poi-ooxml is a Java API To Access Microsoft Format Files. Affected versions of this package are vulnerable to Improper Input Validation due to the parsing process of OOXML format files. An attacker can manipulate the file content by adding zip entries with duplicate names,...
PT-2023-22456 · Zammad · Zammad
Name of the Vulnerable Software and Affected Versions: Zammad versions 5.3.x through 5.3.x Description: The issue allows an authenticated attacker with agent and customer roles to perform unauthorized changes on articles where they only have customer permissions, due to incorrect access control...
python-ujson: improper decoding of escaped surrogate characters may lead to string corruption, key confusion or value overwriting
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...
python-ujson: Potential double free of buffer during string decoding
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is...
DEBIAN-CVE-2022-31116
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...