7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-36325

CVE-2020-36325: An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's...

An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2020-36325

CVE-2020-36325:

7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The analysis is based on the crash stack trace provided in the GitHub issue #548, which was referenced in the vulnerability details. This stack trace shows the sequence of function calls leading to the out-of-bounds read. Since no specific commit patches were available, the crash log provides the most direct evidence of functions involved at runtime when the vulnerability is triggered. The functions listed are those present in the call stack at the time of the crash, starting from the entry point json_loads down to string_get where the segmentation fault occurred. The vulnerability description explicitly names json_loads as the source of the parsing error.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2020-36325: An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's...

CVE-2020-36325:

7.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2020-36325: An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's...

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

7.5

7.5

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI