Debian Bug report logs - #960326
json-c: CVE-2020-12762
Package: src:json-c
Maintainer for src:json-c is Debian QA Group <packages@qa.debian.org>
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 11 May 2020 19:57:01 UTC
Severity: grave
Tags: security, upstream
Found in version json-c/0.13.1+dfsg-7
...
json-c could be made to execute arbitrary code if it received
a specially crafted JSON file ...
Tobias Stoeckmann discovered an integer overflow in the json-c JSON
library, which could result in denial of service or potentially the
execution of arbitrary code if large malformed JSON files are processed.
For the stable distribution (buster), this problem has been fixed in
version 0.12.1+ds-2+deb10u1.
We recommend that you upgrade your json-c p ...
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend (CVE-2020-12762) ...
Synopsis
Moderate: libfastjson security update
Type/Severity
Security Advisory: Moderate
Topic
An update for libfastjson is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security ha ...
Synopsis
Moderate: libfastjson security update
Type/Severity
Security Advisory: Moderate
Topic
An update for libfastjson is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as hav ...
Synopsis
Moderate: libfastjson security update
Type/Severity
Security Advisory: Moderate
Topic
An update for libfastjson is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as hav ...
Synopsis
Moderate: Red Hat OpenShift Data Foundation 4.12.10 Bug Fix Update
Type/Severity
Security Advisory: Moderate
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.10 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.
Description
Red Hat OpenShift Data Foundation is softw ...
Synopsis
Moderate: Gatekeeper Operator v0.2 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Gatekeeper Operator v0.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2 (GitOps v1.2.2). Re ...
Synopsis
Moderate: Release of OpenShift Serverless 1.20.0
Type/Severity
Security Advisory: Moderate
Topic
Release of OpenShift Serverless 1.20.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo ...
Synopsis
Moderate: Red Hat OpenShift distributed tracing 2.1.0 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat OpenShift distributed tracing 2.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis
Important: Release of containers for OSP 16.2 director operator tech preview
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenStack Platform 16.2 (Train) director Operator containers are available for technology preview.
Description
Release osp-director-operator images. Security Fix(es): golang: net/http: limit growth of h ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2.2.11 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.2.11 General Availability release images, which provide one or more container updates and bug fixes. Red Hat Product Security has rated this update as ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 1.5.4 security update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 1.5.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which g ...
A flaw was found in json-c. In printbuf_memappend, certain crafted values can overflow the memory, allowing an attacker to write past the memory boundary. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-12762) ...
A flaw was found in json-c. In printbuf_memappend, certain crafted values can overflow the memory, allowing an attacker to write past the memory boundary. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability ...