5 matches found
CVE-2023-49351
A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy function...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (python-ujson) (RHSA-2022:8864)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8864 advisory. UltraJSON is an ultra fast JSON encoder and decoder Security Fixes: improper decoding of escaped surrogate characters may lead to string...
python-ujson: improper decoding of escaped surrogate characters may lead to string corruption, key confusion or value overwriting
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...
GHSA-WPQR-JCPX-745R Incorrect handling of invalid surrogate pair characters
Impact What kind of vulnerability is it? Who is impacted? Anyone parsing JSON from an untrusted source is vulnerable. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupting strings, this allowed for potential key...
CVE-2022-31116
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...