MGASA-2026-0073

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2026-0073.html

Import Source

https://advisories.mageia.org/MGASA-2026-0073.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2026-0073

Related

CVE-2026-32874
CVE-2026-32875

Published

2026-03-29T00:55:09Z

Modified

2026-03-29T01:02:11.604434Z

Summary

Updated python-ujson packages fix security vulnerabilities

Details

CVE-2026-32874 ujson 5.4.0 to 5.11.0 inclusive contains an accumulating memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1]) integers. ujson 5.4.0 to 5.11.0 has an integer overflow while handling a large indent which leads to a buffer overflow or infinite loop.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / python-ujson

Package

Name: python-ujson
Purl: pkg:rpm/mageia/python-ujson?arch=source&distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.7.0-1.1.mga9

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2026-0073.json"