{"id":"PYSEC-2010-30","details":"Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding is enabled, allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors involving crafted Unicode input to the cjson.encode function.","aliases":["CVE-2010-1666","GHSA-cqmh-mpx2-g633"],"modified":"2023-11-08T03:56:55.969118Z","published":"2010-07-02T19:00:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/40335"},{"type":"WEB","url":"https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/1774"},{"type":"ADVISORY","url":"http://www.debian.org/security/2010/dsa-2068"},{"type":"ADVISORY","url":"http://secunia.com/advisories/40500"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-cqmh-mpx2-g633"}],"affected":[{"package":{"name":"python-cjson","ecosystem":"PyPI","purl":"pkg:pypi/python-cjson"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.0"}]}],"versions":["1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/python-cjson/PYSEC-2010-30.yaml"}}],"schema_version":"1.7.3"}