Msrc Azl3 Apparmor 3.1.7-1 On Azure Linux 3.0 vulnerabilities

5 known vulnerabilities affecting msrc/azl3_apparmor_3.1.7-1_on_azure_linux_3.0.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3LOW2

Vulnerabilities

Page 1 of 1
CVE-2023-53154LOWCVSS 2.92025-05-13
CVE-2023-53154 [LOW] CWE-125 parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called. parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our custo
msrc
CVE-2023-26819LOWCVSS 2.92025-04-08
CVE-2023-26819 [LOW] CWE-440 cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}. cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected
msrc
CVE-2024-31755HIGHCVSS 7.62024-04-09
CVE-2024-31755 [HIGH] CWE-476 cJSON v1.7.17 was discovered to contain a segmentation violation which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. cJSON v1.7.17 was discovered to contain a segmentation violation which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of t
msrc
CVE-2023-50471HIGHCVSS 7.52023-12-12
CVE-2023-50471 [HIGH] CWE-476 cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is
msrc
CVE-2023-50472HIGHCVSS 7.52023-12-12
CVE-2023-50472 [HIGH] CWE-476 cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c. cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the co
msrc