Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libjansson-dbg", "binary_version": "2.5-2ubuntu0.1" }, { "binary_name": "libjansson-dev", "binary_version": "2.5-2ubuntu0.1" }, { "binary_name": "libjansson-dev-dbgsym", "binary_version": "2.5-2ubuntu0.1" }, { "binary_name": "libjansson-doc", "binary_version": "2.5-2ubuntu0.1" }, { "binary_name": "libjansson4", "binary_version": "2.5-2ubuntu0.1" }, { "binary_name": "libjansson4-dbgsym", "binary_version": "2.5-2ubuntu0.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libjansson-dbg", "binary_version": "2.7-3ubuntu0.1" }, { "binary_name": "libjansson-dev", "binary_version": "2.7-3ubuntu0.1" }, { "binary_name": "libjansson-dev-dbgsym", "binary_version": "2.7-3ubuntu0.1" }, { "binary_name": "libjansson-doc", "binary_version": "2.7-3ubuntu0.1" }, { "binary_name": "libjansson4", "binary_version": "2.7-3ubuntu0.1" }, { "binary_name": "libjansson4-dbgsym", "binary_version": "2.7-3ubuntu0.1" } ] }