An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. Reference: https://github.com/akheron/jansson/issues/548
Created jansson tracking bugs for this issue: Affects: fedora-all [bug 1954174] Created mingw-jansson tracking bugs for this issue: Affects: fedora-all [bug 1954175]
Statement: A CVE was incorrectly assigned for this issue, which was a problem in the fuzzer code and not in the jansson library itself.
See https://github.com/akheron/jansson/issues/548#issuecomment-828007511 for more details.