CVE-2013-6371
EPSS 0.42%
Description
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.
How to fix CVE-2013-6371
To remediate CVE-2013-6371, upgrade the affected package to a fixed version below.
- Debian/json-c—upgrade to 0.11-4 or later
Is CVE-2013-6371 being exploited?
Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.11-4