8 matches found
Astra Linux - уязвимость в cjson
In versions of cJSON 1.5.0 through 1.7.18, the decodearrayindexfrompointer function in cJSONUtils.c allows for out-of-bounds access. This enables remote attackers to bypass array bounds checking and access restricted data through malformed JSON pointer strings containing alphanumeric characters...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : cJSON vulnerabilities (USN-7973-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7973-1 advisory. It was discovered that cJSON incorrectly handled parsing large numbers. An attacker could possibly use this issue to caus...
cJSON: out-of-bounds access in decode_array_index_from_pointer() in cJSON_Utils.c via crafted JSON pointer strings
A flaw was found in the cJSON library. A specially crafted JSON pointer string can cause an out-of-bounds access in the decodearrayindexfrompointer function in the cJSONUtils.c file due to improper array bounds checking, causing a crash to the application linked to the library and resulting in a...
cJSON: out-of-bounds access in decode_array_index_from_pointer() in cJSON_Utils.c via crafted JSON pointer strings
A flaw was found in the cJSON library. A specially crafted JSON pointer string can cause an out-of-bounds access in the decodearrayindexfrompointer function in the cJSONUtils.c file due to improper array bounds checking, causing a crash to the application linked to the library and resulting in a...
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
...
DEBIAN-CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
CVE-2025-57052
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the decodearrayindexfrompointer function when processing crafted JSON pointer strings. An attacker can cause a denial of service and unexpected behavior by supplying inputs with non-digit character...