CVE-2016-4425
CVE-2016-4425
Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://github.com/akheron/jansson/issues/282https://github.com/akheron/jansson/pull/284https://github.com/akheron/jansson/pull/284/commits/64ce0ad3731ebd77e02897b07920eadd0e2cc318http://www.debian.org/security/2015/dsa-3577http://www.openwall.com/lists/oss-security/2016/05/01/5http://www.openwall.com/lists/oss-security/2016/05/02/1http://www.openwall.com/lists/oss-security/2016/05/03/3