2 matches found
MiracleLinux 9 : yajl-2.1.0-21.el9 (AXSA:2022-4468:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4468:03 advisory. yajl: heap-based buffer overflow when handling large inputs due to an integer overflow CVE-2022-24795 Tenable has extracted the preceding description block...
OESA-2022-1912 yajl security update
yajl is a small event-driven JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory...