json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
07 Nov 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
25 Sep 2023, 02:30
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/06/msg00023.html - Third Party Advisory |
16 Sep 2023, 13:09
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:json-c:json-c:*:*:*:*:*:*:*:* | |
First Time |
Json-c
Json-c json-c |
21 Jun 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Nov 2022, 19:41
Type | Values Removed | Values Added |
---|---|---|
References | (UBUNTU) https://usn.ubuntu.com/4360-4/ - Third Party Advisory | |
References | (MISC) https://github.com/rsyslog/libfastjson/issues/161 - Exploit, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202006-13 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/05/msg00032.html - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/07/msg00031.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W226TSCJBEOXDUFVKNWNH7ETG7AR6MCS/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQQRRGBQCAWNCCJ2HN3W5SSCZ4QGMXQI/ - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/05/msg00034.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210521-0001/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBR36IXYBHITAZFB5PFBJTED22WO5ONB/ - Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4741 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4360-1/ - Third Party Advisory | |
CPE | cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:a:siemens:sinec_ins:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:* |
|
First Time |
Fedoraproject fedora
Canonical ubuntu Linux Canonical Fedoraproject Debian debian Linux Debian Siemens Siemens sinec Ins |
13 Sep 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 May 2021, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-05-09 18:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-12762
Mitre link : CVE-2020-12762
CVE.ORG link : CVE-2020-12762
JSON object : View
Products Affected
json-c
- json-c
debian
- debian_linux
canonical
- ubuntu_linux
siemens
- sinec_ins
fedoraproject
- fedora