Vulnerability Details CVE-2018-17072
JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2018-17072
-
cpe:2.3:a:json++_project:json++:1.0.0
-
cpe:2.3:a:json++_project:json++:1.0.1
-
cpe:2.3:a:json++_project:json++:2013-07-25
-
cpe:2.3:a:json++_project:json++:2013-07-26
-
cpe:2.3:a:json++_project:json++:2013-07-29
-
cpe:2.3:a:json++_project:json++:2013-11-17
-
cpe:2.3:a:json++_project:json++:2014-02-01
-
cpe:2.3:a:json++_project:json++:2014-02-21
-
cpe:2.3:a:json++_project:json++:2014-03-11
-
cpe:2.3:a:json++_project:json++:2014-07-20
-
cpe:2.3:a:json++_project:json++:2014-07-21
-
cpe:2.3:a:json++_project:json++:2014-09-19
-
cpe:2.3:a:json++_project:json++:2014-10-26
-
cpe:2.3:a:json++_project:json++:2014-10-27
-
cpe:2.3:a:json++_project:json++:2014-12-01
-
cpe:2.3:a:json++_project:json++:2015-09-18
-
cpe:2.3:a:json++_project:json++:2015-09-21
-
cpe:2.3:a:json++_project:json++:2015-09-24
-
cpe:2.3:a:json++_project:json++:2016-06-14
-
cpe:2.3:a:json++_project:json++:2016-06-15