CVE-2022-23460 – Stack overflow in Jsonxx
https://notcve.org/view.php?id=CVE-2022-23460
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx, JSON parsing may lead to stack exhaustion in an address-sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the current commit of the jsonxx project and the project itself has been archived. Updates are not expected. • https://securitylab.github.com/advisories/GHSL-2022-049_Jsonxx • CWE-121: Stack-based Buffer Overflow; CWE-674: Uncontrolled Recursion
CVE-2022-23459 – Double free or Use after Free in Value class of Jsonxx
https://notcve.org/view.php?id=CVE-2022-23459
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx, use of the Value class may lead to memory corruption via a double free or via a use after free. The Value class has a default assignment operator, which may be used with pointer types that may point to alterable data where the pointer itself is not updated. This issue exists on the current commit of the jsonxx project. The project itself has been archived and updates are not expected. • https://securitylab.github.com/advisories/GHSL-2022-048_Jsonxx • CWE-415: Double Free; CWE-416: Use After Free
CVE-2022-36010 – Arbitrary code execution via function parsing in react-editable-json-tree
https://notcve.org/view.php?id=CVE-2022-36010
This library allows strings to be parsed as functions and stored as a specialized component, [`JsonFunctionValue`](https://github.com/oxyno-zeta/react-editable-json-tree/blob/09a0ca97835b0834ad054563e2fddc6f22bc5d8c/src/components/JsonFunctionValue.js). To do this, JavaScript's [`eval`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval) function is used to execute strings that begin with "function" as JavaScript. This could allow arbitrary code to be executed if it exists as a value within the JSON structure being displayed. Given that this component may often be used to display data from arbitrary, untrusted sources, this is extremely dangerous. One important note is that users who have defined a custom [`onSubmitValueParser`](https://github.com/oxyno-zeta/react-editable-json-tree/tree/09a0ca97835b0834ad054563e2fddc6f22bc5d8c#onsubmitvalueparser) callback prop on the [`JsonTree`](https://github.com/oxyno-zeta/react-editable-json-tree/blob/09a0ca97835b0834ad054563e2fddc6f22bc5d8c/src/JsonTree.js) component should be ***unaffected***. • https://github.com/oxyno-zeta/react-editable-json-tree/releases/tag/2.2.2 https://github.com/oxyno-zeta/react-editable-json-tree/security/advisories/GHSA-j3rv-w43q-f9x2 • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVE-2022-30241
https://notcve.org/view.php?id=CVE-2022-30241
The jquery.json-viewer library through 1.4.0 for Node.js does not properly escape characters such as < in a JSON object, as demonstrated by a SCRIPT element. • https://github.com/abodelot/jquery.json-viewer/pull/26 https://www.npmjs.com/package/jquery.json-viewer • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3918 – Prototype Pollution in kriszyp/json-schema
https://notcve.org/view.php?id=CVE-2021-3918
json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'). The json-schema Node.js library was vulnerable to prototype pollution during the validation of a JSON object. An attacker able to provide a specially crafted JSON file for validation could use this flaw to modify the behavior of the node program, for example to execute arbitrary code. • https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9 https://lists.debian.org/debian-lts-announce/2022/12/msg00013.html https://access.redhat.com/security/cve/CVE-2021-3918 https://bugzilla.redhat.com/show_bug.cgi?id=2024702 • CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes; CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')