Your submission was sent successfully! Close

CVE-2013-6371

Published: 8 April 2014

The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.

Priority

Medium

Status

Package Release Status
json-c
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (0.9-1ubuntu1.1)
quantal Ignored
(reached end-of-life)
saucy
Released (0.11-2ubuntu1.2)
trusty
Released (0.11-3ubuntu1.2)
upstream
Released (0.11-4)
Patches:
upstream: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015