CVE-2013-6371
Published: 8 April 2014
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.
Priority
Status
Package | Release | Status |
---|---|---|
json-c Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(0.9-1ubuntu1.1)
|
|
quantal |
Ignored
(end of life)
|
|
saucy |
Released
(0.11-2ubuntu1.2)
|
|
trusty |
Released
(0.11-3ubuntu1.2)
|
|
upstream |
Released
(0.11-4)
|
|
Patches: upstream: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015 |