** DISPUTED ** An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification.
Max CVSS
7.5
EPSS Score
0.16%
Published
2021-04-26
Updated
2021-05-04
Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
Max CVSS
7.5
EPSS Score
0.92%
Published
2016-05-17
Updated
2016-05-19
Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted JSON document.
Max CVSS
5.0
EPSS Score
0.16%
Published
2014-03-21
Updated
2014-05-23
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!