CVE-2023-31441

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-31441

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31441.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-31441

Published

2023-07-18T15:15:11.663Z

Modified

2025-11-20T12:17:33.354900Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modified during loop execution.

References

Affected packages

Git / github.com/nci-agency/anet

Affected ranges

Type: GIT
Repo: https://github.com/nci-agency/anet
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

55ff62a902403d8d29efa0fb52ea2b650f3191ab

Affected versions

0.*

0.0.14

2.*

2.0.0

2.0.0-beta1

2.0.1

2.0.1-beta1

2.0.1-beta2

2.0.1-beta3

2.0.1-beta4

2.0.1-beta5

2.0.1-beta6

2.0.1-beta7

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.16

2.0.17

2.0.18

2.0.18.1

2.0.19

2.0.2

2.0.20

2.0.20.1

2.0.21

2.0.22

2.0.22.1

2.0.23

2.0.24

2.0.25

2.0.26

2.0.27

2.0.28

2.0.29

2.0.3

2.0.3-beta1

2.0.3-beta2

2.0.30

2.0.31

2.0.32

2.0.33

2.0.34

2.0.35

2.0.36

2.0.37

2.0.38

2.0.39

2.0.4

2.0.4-alpha-fast-search

2.0.40

2.0.41

2.0.42

2.0.43

2.0.44

2.0.45

2.0.46

2.0.47

2.0.48

2.0.49

2.0.5

2.0.50

2.0.51

2.0.6

2.0.7

2.0.8

2.0.8-beta1

2.0.9

2.1.0-b1

2.1.1

2.1.10

2.1.11

2.1.12

2.1.13

2.1.14

2.1.15

2.1.16

2.1.17

2.1.18

2.1.19

2.1.2

2.1.20

2.1.22

2.1.23

2.1.24

2.1.25

2.1.26

2.1.27

2.1.28

2.1.29

2.1.3

2.1.30

2.1.31

2.1.32

2.1.33

2.1.34

2.1.35

2.1.36

2.1.37

2.1.38

2.1.39

2.1.4

2.1.40

2.1.41

2.1.42

2.1.42-1

2.1.43

2.1.44

2.1.45

2.1.46

2.1.47

2.1.48

2.1.49

2.1.5

2.1.50

2.1.51

2.1.52

2.1.53

2.1.54

2.1.6

2.1.7

2.1.8

2.1.9

2.2.49

2.2.50

2.2.51

2.2.52

3.*

3.0.53

3.0.54

3.1.0

3.1.1

3.2.0

3.2.1

3.3.0

Other

g24eedc12

gceab9524

gef055a2c

staging-responsive-layout

staging-2.*

staging-2.0.18

v2.*

v2.1.41

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31441.json"