Tuesday, April 21, 2026

[USN-8189-1] RapidJSON vulnerability

==========================================================================
Ubuntu Security Notice USN-8189-1
April 20, 2026

rapidjson vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

RapidJSON could be made to crash or run programs as an administrator if it opened a specially crafted file.

Software Description:

- rapidjson: A fast JSON parser/generator for C++

Details:

It was discovered that RapidJSON did not properly protect against integer overflows in certain instances when parsing JSON text. A remote attacker could possibly use this issue to craft a malicious JSON file, that when read by RapidJSON, would lead to an elevation of privilege, resulting in the potential disclosure of sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  rapidjson-dev 1.1.0+dfsg2-7.2ubuntu0.1~esm2
  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  rapidjson-dev 1.1.0+dfsg2-7ubuntu0.1~esm2
  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  rapidjson-dev 1.1.0+dfsg2-5ubuntu1+esm2
  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  rapidjson-dev 1.1.0+dfsg2-3ubuntu0.1~esm2
  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  rapidjson-dev 0.12~git20141031-3ubuntu0.1~esm2
  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:

  https://ubuntu.com/security/notices/USN-8189-1
  CVE-2024-39684
