all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6629-1: UltraJSON vulnerabilities

Add to bookmarks
Feb. 14, 2024, 1:41 a.m. |

Ubuntu security notices ubuntu.com

It was discovered that UltraJSON incorrectly handled certain input with
a large amount of indentation. An attacker could possibly use this issue
to crash the program, resulting in a denial of service. (CVE-2021-45958)

Jake Miller discovered that UltraJSON incorrectly decoded certain
characters. An attacker could possibly use this issue to cause key
confusion and overwrite values in dictionaries. (CVE-2022-31116)

It was discovered that UltraJSON incorrectly handled an error when
reallocating a buffer for string decoding. An attacker could possibly
use …

attacker characters crash cve denial of service input issue key large miller program service usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6804-1: GNU C Library vulnerabilities 1 day, 16 hours ago | ubuntu.com
attacker buffer buffer overflow cache +17
USN-6803-1: FFmpeg vulnerabilities 2 days, 14 hours ago | ubuntu.com
arbitrary code arbitrary code execution attacker code +15
USN-6802-1: PostgreSQL vulnerability 2 days, 18 hours ago | ubuntu.com
authorization can commands current +9
USN-6801-1: PyMySQL vulnerability 2 days, 18 hours ago | ubuntu.com
attacker attacks injection injection attacks +8
USN-6800-1: browserify-sign vulnerability 2 days, 20 hours ago | ubuntu.com
attack attacker automated check +10
USN-6799-1: Werkzeug vulnerability 3 days, 14 hours ago | ubuntu.com
attacker code debugger host +6
USN-6798-1: GStreamer Base Plugins vulnerability 3 days, 15 hours ago | ubuntu.com
arbitrary code attacker base code +7
USN-6796-1: TPM2 Software Stack vulnerabilities 3 days, 17 hours ago | ubuntu.com
arbitrary code arrays attacker code +10
USN-6797-1: Intel Microcode vulnerabilities 3 days, 23 hours ago | ubuntu.com
access features hardware intel +17

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com