SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

json-c: integer overflow and out-of-bounds write (CVE-2020-12762)

ID: oval:org.secpod.oval:def:1802044	Date: (C)2022-03-25 (M)2024-01-02
Class: PATCH	Family: unix

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

Platform:

Alpine Linux 3.10

Alpine Linux 3.11

Alpine Linux 3.12

Alpine Linux 3.13

Alpine Linux 3.14

Alpine Linux 3.15

Alpine Linux 3.9

Product:

json-c

Reference:

11581