HIGH🇬🇧 English

CVE-2023-50471

CVSS 7.5v3.1pub. 2023-12-14upd. 2025-11-04

cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Davegamble Cjson

    APP
    Davegamble
    1.7.16
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-57052CRITICAL9.8PL ✓ten sam produkt

Out-of-bounds access w cJSON przez funkcję decode_array_index_from_pointer

CVE-2019-11834CRITICAL9.8ten sam produkt

cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.

CVE-2019-11835CRITICAL9.8ten sam produkt

cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.

CVE-2016-10749CRITICAL9.8ten sam produkt

parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that be...

CVE-2018-1000217CRITICAL9.8ten sam produkt

Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library ...