2023-06-17
ALT-BU-2023-3849-1
Branch c9f2 update bulletin.
Closed vulnerabilities
Published: 2023-06-06
Modified: 2025-01-08
Modified: 2025-01-08
CVE-2023-33460
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- https://github.com/lloyd/yajl/issues/250
- https://github.com/lloyd/yajl/issues/250
- [debian-lts-announce] 20230702 [SECURITY] [DLA 3478-1] yajl security update
- [debian-lts-announce] 20230702 [SECURITY] [DLA 3478-1] yajl security update
- [debian-lts-announce] 20230711 [SECURITY] [DLA 3492-1] yajl security update
- [debian-lts-announce] 20230711 [SECURITY] [DLA 3492-1] yajl security update
- [debian-lts-announce] 20230805 [SECURITY] [DLA 3516-1] burp security update
- [debian-lts-announce] 20230805 [SECURITY] [DLA 3516-1] burp security update
- FEDORA-2023-0b0bb84049
- FEDORA-2023-0b0bb84049
- FEDORA-2023-00572178e1
- FEDORA-2023-00572178e1
- FEDORA-2023-852b377773
- FEDORA-2023-852b377773