lib32-jansson - Arch Linux
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1875 | 2.13.1-1 | Low | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-36325 | AVG-1875 | Low | Yes | Information disclosure | ** DISPUTED ** An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the... |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-12 | 2.7-2 | 2.8-1 | Medium | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2016-4425 | AVG-12 | Medium | Yes | Denial of service | Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data. |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 20 Sep 2016 | ASA-201609-17 | AVG-12 | Medium | denial of service |