This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Json-C Project | First view | 2014-04-22 |
| Product | Json-C | Last view | 2020-05-09 |
| Version | 0.10 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:json-c_project:json-c | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2020-05-09 | CVE-2020-12762 | json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. |
| 5 | 2014-04-22 | CVE-2013-6371 | The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions. |
| 5 | 2014-04-22 | CVE-2013-6370 | Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (1) | CWE-787 | Out-of-bounds Write |
| 25% (1) | CWE-310 | Cryptographic Issues |
| 25% (1) | CWE-190 | Integer Overflow or Wraparound |
| 25% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-03-30 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2015-102.nasl - Type: ACT_GATHER_INFO |
| 2014-10-12 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2014-416.nasl - Type: ACT_GATHER_INFO |
| 2014-09-09 | Name: The remote database server is affected by multiple vulnerabilities. File: db2_105fp4.nasl - Type: ACT_GATHER_INFO |
| 2014-07-30 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-0703.nasl - Type: ACT_GATHER_INFO |
| 2014-07-24 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2014-0703.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2014-317.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-2245-1.nasl - Type: ACT_GATHER_INFO |
| 2014-04-30 | Name: The remote Fedora host is missing a security update. File: fedora_2014-4975.nasl - Type: ACT_GATHER_INFO |
| 2014-04-18 | Name: The remote Fedora host is missing a security update. File: fedora_2014-5006.nasl - Type: ACT_GATHER_INFO |
| 2014-04-18 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2014-079.nasl - Type: ACT_GATHER_INFO |
