Jansson Project: >> Jansson >> 2.5 Security Vulnerabilities
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification
CVSS Score
7.5
EPSS Score
0.004
Published
2021-04-26
Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
CVSS Score
7.5
EPSS Score
0.008
Published
2016-05-17