Show filters
73 Total Results
Displaying 71-73 of 73
Sort by:
Attacker Value
Unknown

CVE-2014-4616

Disclosure Date: August 24, 2017 (last updated November 26, 2024)
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
Attacker Value
Unknown

CVE-2016-2537

Disclosure Date: February 23, 2016 (last updated November 25, 2024)
The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote attackers to cause a denial of service (blocked event loop) via a crafted string.
0
Attacker Value
Unknown

CVE-2015-4590

Disclosure Date: June 22, 2015 (last updated October 05, 2023)
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service (crash) via a JSON string with a \ (backslash) followed by a terminator, as demonstrated by "\\\0", which triggers a buffer overflow and over-read.
0