cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDavegamble Cjson
APPDavegamble< 1.7.11Oracle Timesten In Memory Database
APPOracle< 18.1.3.1.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Memory
Referencje
Powiązane podatności
CVE-2025-57052CRITICAL9.8PL ✓ten sam produkt
Out-of-bounds access w cJSON przez funkcję decode_array_index_from_pointer
CVE-2019-11835CRITICAL9.8ten sam produkt
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
CVE-2016-10749CRITICAL9.8ten sam produkt
parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that be...
CVE-2018-11058CRITICAL9.8ten sam produkt
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAF...
CVE-2018-1000217CRITICAL9.8ten sam produkt
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library ...