CVE-2016-4425

Source
Severity Medium
Remote Yes
Type Denial of service
Description
Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
Group Package Affected Fixed Severity Status Ticket
AVG-19 jansson 2.7-1 2.8-1 Medium Fixed
AVG-12 lib32-jansson 2.7-2 2.8-1 Medium Fixed
Date Advisory Group Package Severity Description
20 Sep 2016 ASA-201609-17 AVG-12 lib32-jansson Medium denial of service
20 Sep 2016 ASA-201609-15 AVG-19 jansson Medium denial of service
References
https://github.com/akheron/jansson/issues/282
http://marc.info/?l=oss-security&m=146219323703639&w=2