Lucene search

[email protected]NVD:CVE-2023-50471

HistoryDec 14, 2023 - 8:15 p.m.

CVE-2023-50471

2023-12-1420:15:53

CWE-476

[email protected]

web.nvd.nist.gov

cve-2023-50471

cjson

segmentation violation

cjson_insertiteminarray

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

20.4%

JSON

cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c.

Affected configurations

NVD

Node

cjson_projectcjsonMatch1.7.16

References

github.com/DaveGamble/cJSON/issues/802

lists.debian.org/debian-lts-announce/2023/12/msg00023.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EO4XCUTY3ZMVW4YBG6DBYVS5NSMNP6JY/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSI3LL6ZNKYNM5JKPA5FKZTATL4MPF7V/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQOQ7CAOYBNHGAMNOR7ELGLC22HV3ZQV/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

20.4%

JSON

Related for NVD:CVE-2023-50471

nessus5 openvas7 debian1 veracode1 cbl_mariner1 prion1 fedora3 gitlab1 cve1 debiancve1 ubuntucve1 redhatcve1 osv3 cvelist1 alpinelinux1 mageia1 ubuntu1