An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HJson C
APPJson-C0.15-20200726Netapp Active Iq Unified Manager
APPNetappwszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2021-44228CRITICAL10.0⚠ KEVten sam produkt
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...
CVE-2024-52533CRITICAL9.8PL ✓ten sam produkt
Buffer overflow w GNOME GLib — błąd off-by-one w obsłudze SOCKS4
CVE-2024-47561CRITICAL9.2PL ✓ten sam produkt
Apache Avro Java SDK — RCE przez niebezpieczną deserializację schematu
CVE-2023-38545CRITICAL9.8ten sam produkt
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass a...
CVE-2023-23914CRITICAL9.1ten sam produkt
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS ...