VYPR

Jansson

by Jansson Project

Source repositories

CVEs (2)

  • CVE-2016-4425MedMay 17, 2016
    risk 0.42cvss 6.5epss 0.02

    Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.

  • CVE-2013-6401Mar 21, 2014
    risk 0.00cvss epss 0.02

    Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted JSON document.