Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jansson
(Jansson_project)| Repositories | https://github.com/akheron/jansson |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-26 | CVE-2020-36325 | An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification | Jansson | 7.5 | ||
| 2016-05-17 | CVE-2016-4425 | Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data. | Jansson | 7.5 | ||
| 2014-03-21 | CVE-2013-6401 | Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted JSON document. | Jansson | N/A |