UltraJSON (aka ujson) up to and including 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ultrajson project ultrajson |
||
debian debian linux 9.0 |
||
fedoraproject fedora 35 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |