VDB

DEBIAN-CVE-2023-33460

DEBIAN-CVE-2023-33460 PUBLISHED CVSS 6.5 MEDIUM

There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:11yajl2.1.0-3, 0, 2.1.0-3
Debian:14r-cran-jsonlite0, 0, 0
Debian:14yajl0, 0, 0
Debian:13yajl0, 0, 0
Debian:13r-cran-jsonlite0, 0, 0
Debian:12r-cran-jsonlite1.8.7+dfsg-1, 0, 1.8.4+dfsg-1
Debian:12yajl0, 2.1.0-3, 2.1.0-3
Debian:11r-cran-jsonlite1.8.0+dfsg-1, 1.7.3+dfsg-1, 0

Timeline

  • Jun 6, 2023 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›