CVE-2020-12762

Published: 9 May 2020

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package: json-c (Launchpad, Ubuntu, Debian)

Release     Status
bionic      Released (0.12.1-1.3ubuntu0.3)
eoan        Released (0.13.1+dfsg-4ubuntu0.3)
focal       Released (0.13.1+dfsg-7ubuntu0.3)
precise     Released (0.9-1ubuntu1.4)
trusty      Released (0.11-3ubuntu1.2+esm3)
upstream    Needs triage
xenial      Released (0.11-4ubuntu2.6)