ReportizFlow
Filtered by vendor Cjson Project
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57052 | 1 Cjson Project | 1 Cjson | 2025-09-03 | 9.8 Critical |
| cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters. | ||||
| CVE-2024-31755 | 2 Cjson Project, Redhat | 3 Cjson, Satellite, Satellite Capsule | 2025-06-30 | 7.6 High |
| cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. | ||||
| CVE-2023-26819 | 1 Cjson Project | 1 Cjson | 2025-06-25 | 2.9 Low |
| cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}. | ||||
| CVE-2023-53154 | 1 Cjson Project | 1 Cjson | 2025-06-16 | 2.9 Low |
| parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called. | ||||
Page 1 of 1.