Lua Resty Json
Approved changes feed: RSS · Atom
cpe:2.3:a:cloudflare:lua-resty-json:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Cloudflare (5b4480cb-8cd0-5fc8-8b44-6534513ed911) |
|---|---|
| Product | Lua Resty Json (70cb3190-a11c-5990-beba-8e639e2240f1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/cloudflare/lua-resty-json |
purl2cpe | 2026-06-01 10:13:09.828264 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-3040 |
vulnerable | 2026-06-03 14:52:39.772841 |
Out of Bounds Access Leading to Undefined Behavior
LOW (3.7)
A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a (merged in PR #14) contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that because this debug function was only used in tests and demos, it was not exploitable in a normal environment.
Published: 2023-06-14T11:54:51.131Z
Updated: 2025-01-02T19:21:32.890Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.