Filtered by vendor Jansson Project
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36325 | 1 Jansson Project | 1 Jansson | 2024-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification. | |||||
| CVE-2016-4425 | 1 Jansson Project | 1 Jansson | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data. | |||||
| CVE-2013-6401 | 1 Jansson Project | 1 Jansson | 2024-02-04 | 5.0 MEDIUM | N/A |
| Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted JSON document. | |||||