428 matches found
ALPINE-CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
DEBIAN-CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
UBUNTU-CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the decodearrayindexfrompointer function when processing crafted JSON pointer strings. An attacker can cause a denial of service and unexpected behavior by supplying inputs with non-digit character...
CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
cJSON 安全漏洞
cJSON is a lightweight open source JSON parser from the individual developer Dave Gamble. A security vulnerability exists in cJSON version 1.7.18 and earlier, which stems from an out-of-bounds access vulnerability in the decodearrayindexfrompointer function that could lead to bypassing array boun...
CVE-2025-57052
CVE-2025-57052 affects cJSON versions 1.5.0–1.7.18. The vulnerability arises from an out-of-bounds access in the function decode_array_index_from_pointer (cJSON_Utils.c), enabling manipulation via crafted JSON pointer strings. Connected advisories confirm impact across multiple distributions and ...
CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
Linux Distros Unpatched Vulnerability : CVE-2023-50472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONSetValuestring at cJSON.c. CVE-2023-50472 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2023-50471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONInsertItemInArray at cJSON.c. CVE-2023-50471 Note that Nessus relies on t...
Linux Distros Unpatched Vulnerability : CVE-2024-31755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSONSetValuestring at cJSON.c...
Linux Distros Unpatched Vulnerability : CVE-2023-26819
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as a: true, b:...
Linux Distros Unpatched Vulnerability : CVE-2023-53154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - parsestring in cJSON before 1.7.18 has a heap-based buffer over-read via 1:1, with no trailing newline if cJSONParseWithLength is called. CVE-2023-53154 Note th...
OESA-2025-1995 cjson security update
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...
OESA-2025-1993 cjson security update
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...
OESA-2025-1992 cjson security update
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file. %package devel Summary: Development files for cJSON Requires: = - Requires: pkgconfig %description devel The cjson-devel package contains libraries and header files...
ROOT-OS-DEBIAN-12-CVE-2023-53154 CVE-2023-53154 in rootio-cjson - Patched by Root
Root has patched CVE-2023-53154 in the rootio-cjson package for Root:Debian:12. Multiple fixed versions available...