Davegamble: >> Cjson >> 1.7.16 Security Vulnerabilities
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-09-03
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-12-14
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-12-14