Download
| Alert*
oval:org.secpod.oval:def:602501
Gustavo Grieco discovered that jansson, a C library for encoding, decoding and manipulating JSON data, did not limit the recursion depth when parsing JSON arrays and objects. This could allow remote attackers to cause a denial of service via stack exhaustion, using crafted JSON data. oval:org.secpod.oval:def:1800633 Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service via crafted JSON data. oval:org.secpod.oval:def:1800843 Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service via crafted JSON data. oval:org.secpod.oval:def:111378 Small library for parsing and writing JSON documents. oval:org.secpod.oval:def:111380 Small library for parsing and writing JSON documents. oval:org.secpod.oval:def:2103112 Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data. |