Download
| Alert*
|
oval:org.secpod.oval:def:708675
yajl: Yet Another JSON Library Details: USN-6233-1 fixed vulnerabilities in YAJL. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory Several security issues were fixed in YAJL. oval:org.secpod.oval:def:125957 Yet Another JSON Library. YAJL is a small event-driven JSON parser written in ANSI C, and a small validating JSON generator. oval:org.secpod.oval:def:125913 Yet Another JSON Library. YAJL is a small event-driven JSON parser written in ANSI C, and a small validating JSON generator. oval:org.secpod.oval:def:2001040 In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole ruby process terminating and potentially a denial of service. oval:org.secpod.oval:def:96796 yajl: Yet Another JSON Library Details: USN-6233-1 fixed vulnerabilities in YAJL. This update provides the corresponding updates for Linux Mint 20.x LTS, Linux Mint 21.x LTS, and Ubuntu 23.04. Original advisory Several security issues were fixed in YAJL. oval:org.secpod.oval:def:1901789 In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole ruby process terminating and potentially a denial of service. |
