Jansson Project Jansson vulnerabilities
3 known vulnerabilities affecting jansson_project/jansson.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-36325HIGHCVSS 7.5≤ 2.13.12021-04-26
CVE-2020-36325 [HIGH] CWE-125 CVE-2020-36325: An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification
nvd
CVE-2016-4425MEDIUMCVSS 6.5≤ 2.72016-05-17
CVE-2016-4425 [MEDIUM] CWE-20 CVE-2016-4425: Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recurs
Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
nvdosv
CVE-2013-6401MEDIUMCVSS 5.0≤ 2.4v2.0+6 more2014-03-21
CVE-2013-6401 [MEDIUM] CWE-310 CVE-2013-6401: Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predicta
Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted JSON document.
nvdosv