Lucene search
K

428 matches found

OSV
OSV
added 2025/09/03 3:15 p.m.4 views

ALPINE-CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

9.8CVSS7.1AI score0.00693EPSS
Exploits1References1
NVD
NVD
added 2025/09/03 3:15 p.m.3 views

CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

9.8CVSS0.00693EPSS
Exploits1References2
OSV
OSV
added 2025/09/03 3:15 p.m.3 views

DEBIAN-CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

9.8CVSS8.5AI score0.00693EPSS
Exploits1References1
OSV
OSV
added 2025/09/03 3:15 p.m.2 views

UBUNTU-CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

9.8CVSS5.8AI score0.00693EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2025/09/03 12:0 a.m.5 views

CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

9.8CVSS8.5AI score0.00693EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2025/09/03 12:0 a.m.5 views

CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

9.8CVSS7.1AI score0.00693EPSS
Exploits1
Snyk
Snyk
added 2025/09/03 12:0 a.m.4 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the decodearrayindexfrompointer function when processing crafted JSON pointer strings. An attacker can cause a denial of service and unexpected behavior by supplying inputs with non-digit character...

9.8CVSS6.8AI score0.00693EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/03 12:0 a.m.2 views

CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

6.5AI score0.00693EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/09/03 12:0 a.m.4 views

cJSON 安全漏洞

cJSON is a lightweight open source JSON parser from the individual developer Dave Gamble. A security vulnerability exists in cJSON version 1.7.18 and earlier, which stems from an out-of-bounds access vulnerability in the decodearrayindexfrompointer function that could lead to bypassing array boun...

9.8CVSS6.3AI score0.00693EPSS
Exploits1References1
CVE
CVE
added 2025/09/03 12:0 a.m.61 views

CVE-2025-57052

CVE-2025-57052 affects cJSON versions 1.5.0–1.7.18. The vulnerability arises from an out-of-bounds access in the function decode_array_index_from_pointer (cJSON_Utils.c), enabling manipulation via crafted JSON pointer strings. Connected advisories confirm impact across multiple distributions and ...

9.8CVSS6.5AI score0.00693EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/09/03 12:0 a.m.11 views

CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

0.00693EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-50472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONSetValuestring at cJSON.c. CVE-2023-50472 Note that Nessus relies on the...

7.5CVSS6.2AI score0.00961EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-50471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONInsertItemInArray at cJSON.c. CVE-2023-50471 Note that Nessus relies on t...

7.5CVSS7.7AI score0.01508EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-31755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSONSetValuestring at cJSON.c...

7.6CVSS7.7AI score0.00648EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-26819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as a: true, b:...

2.9CVSS5.7AI score0.00196EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-53154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - parsestring in cJSON before 1.7.18 has a heap-based buffer over-read via 1:1, with no trailing newline if cJSONParseWithLength is called. CVE-2023-53154 Note th...

5.5CVSS5.7AI score0.00219EPSS
Exploits1References2
OSV
OSV
added 2025/08/15 12:39 p.m.3 views

OESA-2025-1995 cjson security update

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...

2.9CVSS6.8AI score0.00196EPSS
Exploits1References2
OSV
OSV
added 2025/08/15 12:39 p.m.2 views

OESA-2025-1993 cjson security update

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...

2.9CVSS6.8AI score0.00196EPSS
Exploits1References2
OSV
OSV
added 2025/08/15 12:39 p.m.3 views

OESA-2025-1992 cjson security update

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...

2.9CVSS6.8AI score0.00196EPSS
Exploits1References2
OSV
OSV
added 2025/08/12 8:24 a.m.2 views

ROOT-OS-DEBIAN-12-CVE-2023-53154 CVE-2023-53154 in rootio-cjson - Patched by Root

Root has patched CVE-2023-53154 in the rootio-cjson package for Root:Debian:12. Multiple fixed versions available...

5.5CVSS5.4AI score0.00219EPSS
Exploits1
Rows per page
Query Builder