Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding is enabled, allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors involving crafted Unicode input to the cjson.encode function.

CPE

Name | Operator | Version
---|---|---
python-cjson | eq | 1.0.1
python-cjson | eq | 1.0.5
python-cjson | eq | 1.0.2
python-cjson | eq | 1.0.4
python-cjson | eq | 1.0.0
python-cjson | eq | 1.0.3

secunia.com/advisories/40335
secunia.com/advisories/40500
www.debian.org/security/2010/dsa-2068
www.vupen.com/english/advisories/2010/1774
bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274
github.com/advisories/GHSA-cqmh-mpx2-g633
github.com/AGProjects/python-cjson
github.com/AGProjects/python-cjson/commit/dc2b8781b8666de5ca707318521f554904fdd690
github.com/pypa/advisory-database/tree/main/vulns/python-cjson/PYSEC-2010-30.yaml
nvd.nist.gov/vuln/detail/CVE-2010-1666