CVE-2013-6370 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Json-c

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

2.9%

top 13.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Json-c Debian Json-c Fedoraproject Fedora

Timeline

PublishedApr 22

Latest updateMay 17

Description

Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDjson-c/json-c< 0.12-20140410

▶debiandebian/json-c< json-c 0.11-4 (bookworm)

▶Debianjson-c/json-c< 0.11-4+3

▶Ubuntujson-c/json-c< 0.11-3ubuntu1.2

Also affects: Fedora 20

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-w5g5-g39g-7p84: Buffer overflow in the printbuf APIs in json-c before 0↗2022-05-17

▶

OSV

json-c vulnerabilities↗2014-06-12

▶

OSV

CVE-2013-6370: Buffer overflow in the printbuf APIs in json-c before 0↗2014-04-22

▶

📋Vendor Advisories

Ubuntu

json-c vulnerabilities↗2014-06-12

▶

Red Hat

json-c: buffer overflow if size_t is larger than int↗2014-04-09

▶

Debian

CVE-2013-6370: json-c - Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attacke...↗2013

▶

💬Community

Bugzilla

CVE-2013-6371 CVE-2013-6370 json-c: various flaws [epel-all]↗2014-04-09

▶

Bugzilla

CVE-2013-6371 CVE-2013-6370 json-c: various flaws [fedora-all]↗2014-04-09

▶

Bugzilla

CVE-2013-6370 json-c: buffer overflow if size_t is larger than int↗2013-11-20

▶