421 matches found
Azure Linux 3.0 Security Update: libglvnd (CVE-2023-26819)
The version of libglvnd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-26819 advisory. - cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as a: true, b:...
CVE-2018-1000216
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could...
CVE-2018-1000217
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...
CVE-2016-10749
parsestring in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character...
CVE-2019-11834
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal...
CVE-2019-11835
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments...
Wazuh 代码问题漏洞
Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A code issue vulnerability exists in Wazuh versions prior to 4.11.0 that stems from not checking the...
OESA-2025-2491 cjson security update
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - %description devel The cjson-devel package contains libraries and header files for developing...
OESA-2025-2377 cjson security update
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - %description devel The cjson-devel package contains libraries and header files for developing...
OESA-2025-2376 cjson security update
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - %description devel The cjson-devel package contains libraries and header files for developing...
OESA-2025-2375 cjson security update
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - %description devel The cjson-devel package contains libraries and header files for developing...
OESA-2025-2374 cjson security update
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - %description devel The cjson-devel package contains libraries and header files for developing...
SUSE SLED15 / SLES15 Security Update : cJSON (SUSE-SU-2025:03520-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03520-1 advisory. - CVE-2023-26819: Allocate memory for the temporary buffer when paring numbers bsc1241502 - CVE-2025-57052: F...
Security update for cJSON
This update for cJSON fixes the following issues: CVE-2023-26819: Allocate memory for the temporary buffer when paring numbers bsc1241502 CVE-2025-57052: Fix the incorrect check in decodearrayindexfrompointer bsc1249112 Patch Instructions: To install this SUSE update use the SUSE recommended...
SUSE-SU-2025:03520-1 Security update for cJSON
This update for cJSON fixes the following issues: - CVE-2023-26819: Allocate memory for the temporary buffer when paring numbers bsc1241502 - CVE-2025-57052: Fix the incorrect check in decodearrayindexfrompointer bsc1249112...
cJSON: out-of-bounds access in decode_array_index_from_pointer() in cJSON_Utils.c via crafted JSON pointer strings
A flaw was found in the cJSON library. A specially crafted JSON pointer string can cause an out-of-bounds access in the decodearrayindexfrompointer function in the cJSONUtils.c file due to improper array bounds checking, causing a crash to the application linked to the library and resulting in a...
Important: Red Hat Security Advisory: Satellite 6.16.5.4 Async Update
A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
cJSON: out-of-bounds access in decode_array_index_from_pointer() in cJSON_Utils.c via crafted JSON pointer strings
A flaw was found in the cJSON library. A specially crafted JSON pointer string can cause an out-of-bounds access in the decodearrayindexfrompointer function in the cJSONUtils.c file due to improper array bounds checking, causing a crash to the application linked to the library and resulting in a...
Important: Red Hat Security Advisory: Satellite 6.17.5 Async Update
A new release is now available for Red Hat Satellite 6.17 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
cJSON: out-of-bounds access in decode_array_index_from_pointer() in cJSON_Utils.c via crafted JSON pointer strings
A flaw was found in the cJSON library. A specially crafted JSON pointer string can cause an out-of-bounds access in the decodearrayindexfrompointer function in the cJSONUtils.c file due to improper array bounds checking, causing a crash to the application linked to the library and resulting in a...