CRITICAL✓ PATCH🇬🇧 English

CVE-2021-32292

CVSS 9.8v3.1pub. 2023-08-22upd. 2025-06-25

An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Json C

    APP
    Json-C
    0.15-20200726
  • Netapp Active Iq Unified Manager

    APP
    Netapp
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2021-44228CRITICAL10.0⚠ KEVten sam produkt

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...

CVE-2024-52533CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w GNOME GLib — błąd off-by-one w obsłudze SOCKS4

CVE-2024-47561CRITICAL9.2PL ✓ten sam produkt

Apache Avro Java SDK — RCE przez niebezpieczną deserializację schematu

CVE-2023-38545CRITICAL9.8ten sam produkt

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass a...

CVE-2023-23914CRITICAL9.1ten sam produkt

A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS ...