Lucene search
Gentoo FoundationMGASA-2023-0159HistoryMay 06, 2023 - 9:19 p.m.
Updated libfastjson packages fix security vulnerability
2023-05-0621:19:07
Gentoo Foundation
advisories.mageia.org
30
libfastjson
security vulnerability
integer overflow
out-of-bounds write
json file
printbuf_memappend
cve-2020-12762
unix
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
44.5%
Integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. (CVE-2020-12762)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 8 | noarch | libfastjson | < 1.2304.0-1 | libfastjson-1.2304.0-1.mga8 |
Related
redhatcve
redhatcve
CVE-2020-12762
2020-05-13 14:10:37
nessus
nessus
FreeBSD : json-c -- integer overflow and out-of-bounds write via a large JSON file (abc3ef37-95d4-11ea-9004-25fadb81abf4)
2020-05-15 00:00:00
SUSE SLED15 / SLES15 Security Update : json-c (SUSE-SU-2022:0184-1)
2022-01-26 00:00:00
SUSE SLES12 Security Update : json-c (SUSE-SU-2022:3001-1)
2022-09-03 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2020-1705)
2020-06-26 00:00:00
Fedora: Security Advisory for json-c (FEDORA-2020-7eb7eac270)
2020-05-29 00:00:00
Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2020-1733)
2020-07-03 00:00:00
cloudfoundry
cloudfoundry
USN-4360-4: json-c vulnerability | Cloud Foundry
2020-06-24 00:00:00
USN-4360-2: json-c regression | Cloud Foundry
2020-06-24 00:00:00
USN-4360-1: json-c vulnerability | Cloud Foundry
2020-06-24 00:00:00
osv
osv
Moderate: json-c security and bug fix update
2021-11-09 13:10:09
json-c - security update
2020-07-30 00:00:00
libfastjson - security update
2023-06-20 00:00:00
amazon
amazon
Medium: json-c
2020-06-23 05:59:00
Medium: json-c
2020-06-26 22:51:00
Medium: libfastjson
2023-06-05 16:39:00
rocky
rocky
json-c security and bug fix update
2021-11-09 13:10:09
nvd
nvd
CVE-2020-12762
2020-05-09 18:15:11
redhat
redhat
(RHSA-2024:0573) Moderate: libfastjson security update
2024-01-30 12:53:18
(RHSA-2021:4382) Moderate: json-c security and bug fix update
2021-11-09 13:10:09
(RHSA-2024:1154) Moderate: libfastjson security update
2024-03-05 16:29:16
freebsd
freebsd
json-c -- integer overflow and out-of-bounds write via a large JSON file
2020-05-02 00:00:00
mageia
mageia
Updated json-c packages fix security vulnerability
2020-05-30 00:18:57
fedora
fedora
[SECURITY] Fedora 30 Update: json-c-0.13.1-12.fc30
2020-05-26 03:18:15
[SECURITY] Fedora 32 Update: json-c-0.13.1-12.fc32
2020-05-17 02:43:40
[SECURITY] Fedora 31 Update: json-c-0.13.1-12.fc31
2020-05-26 03:20:49
debian
debian
[SECURITY] [DLA 2301-1] json-c security update
2020-07-30 14:43:31
[SECURITY] [DLA 2228-1] json-c security update
2020-05-31 13:48:31
[SECURITY] [DLA 3461-1] libfastjson security update
2023-06-20 21:14:01
cvelist
cvelist
CVE-2020-12762
2020-05-09 00:00:00
debiancve
debiancve
CVE-2020-12762
2020-05-09 18:15:11
almalinux
almalinux
Moderate: libfastjson security update
2023-11-14 00:00:00
Moderate: json-c security and bug fix update
2021-11-09 13:10:09
Moderate: libfastjson security update
2023-11-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package json-c version 0.13.1-alt2
2020-07-08 00:00:00
oraclelinux
oraclelinux
json-c security and bug fix update
2021-11-16 00:00:00
libfastjson security update
2023-11-17 00:00:00
libfastjson security update
2023-11-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-12762 affecting package json-c for versions less than 0.14-3
2022-10-21 20:38:56
CVE-2020-12762 affecting package json-c 0.14-3
2020-09-09 06:09:09
ibm
ibm
ubuntu
ubuntu
json-c vulnerability
2020-05-14 00:00:00
json-c vulnerability
2020-05-28 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-08-06 21:35:13
suse
suse
Security update for json-c (important)
2022-01-25 00:00:00
Security update for json-c (important)
2022-02-17 00:00:00
gentoo
gentoo
json-c: Multiple vulnerabilities
2020-06-15 00:00:00
cve
cve
CVE-2020-12762
2020-05-09 18:15:11
prion
prion
Integer overflow
2020-05-09 18:15:00
ubuntucve
ubuntucve
CVE-2020-12762
2020-05-09 00:00:00
alpinelinux
alpinelinux
CVE-2020-12762
2020-05-09 18:15:11
photon
photon
Important Photon OS Security Update - PHSA-2020-0093
2020-05-20 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0093
2020-05-20 00:00:00
ics
ics
Siemens SINEC INS
2022-09-15 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
44.5%
Related for MGASA-2023-0159