FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-19 12:13:07 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
abc3ef37-95d4-11ea-9004-25fadb81abf4	json-c -- integer overflow and out-of-bounds write via a large JSON file Tobias StÃ¶ckmann reports: I have discovered a way to trigger an out of boundary write while parsing a huge json file through a malicious input source. It can be triggered if an attacker has control over the input stream or if a huge load during filesystem operations can be triggered. Discovery 2020-05-02 Entry 2020-05-14 Modified 2020-05-17 json-c < 0.14 https://github.com/json-c/json-c/pull/592 https://github.com/json-c/json-c/pull/599 CVE-2020-12762

VuXML ID

Description

abc3ef37-95d4-11ea-9004-25fadb81abf4

json-c -- integer overflow and out-of-bounds write via a large JSON file

Tobias StÃ¶ckmann reports:

I have discovered a way to trigger an out of boundary write while parsing a huge json file through a malicious input source. It can be triggered if an attacker has control over the input stream or if a huge load during filesystem operations can be triggered.

Discovery 2020-05-02
Entry 2020-05-14
Modified 2020-05-17
json-c

< 0.14

https://github.com/json-c/json-c/pull/592
https://github.com/json-c/json-c/pull/599
CVE-2020-12762