CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-50472
https://notcve.org/view.php?id=CVE-2023-50472
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c. Se descubrió que cJSON v1.7.16 contenía una infracción de segmentación a través de la función cJSON_SetValuestring en cJSON.c. • https://github.com/DaveGamble/cJSON/issues/803 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-50471
https://notcve.org/view.php?id=CVE-2023-50471
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. Se descubrió que cJSON v1.7.16 contenía una infracción de segmentación a través de la función cJSON_InsertItemInArray en cJSON.c. • https://github.com/DaveGamble/cJSON/issues/802 https://lists.debian.org/debian-lts-announce/2023/12/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EO4XCUTY3ZMVW4YBG6DBYVS5NSMNP6JY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSI3LL6ZNKYNM5JKPA5FKZTATL4MPF7V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQOQ7CAOYBNHGAMNOR7ELGLC22HV3ZQV • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-1010239
https://notcve.org/view.php?id=CVE-2019-1010239
DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later. cJSON versión 1.7.8 de DaveGamble/cJSON, está afectada por: Comprobación Inapropiada de Condiciones Inusuales o Excepcionales. • https://github.com/DaveGamble/cJSON/commit/be749d7efa7c9021da746e685bd6dec79f9dd99b https://github.com/DaveGamble/cJSON/issues/315 https://www.oracle.com/security-alerts/cpuoct2020.html • CWE-476: NULL Pointer Dereference CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-11835
https://notcve.org/view.php?id=CVE-2019-11835
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments. cJSON, versiones anteriores a 1.7.11, permite el acceso fuera de límites, relacionado con los comentarios multilínea. • https://github.com/DaveGamble/cJSON/compare/c69134d...93688cb https://github.com/DaveGamble/cJSON/issues/338 https://github.com/DaveGamble/cJSON/releases/tag/v1.7.11 https://www.oracle.com/security-alerts/cpuoct2020.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-11834
https://notcve.org/view.php?id=CVE-2019-11834
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal. cJSON, versiones anteriores a 1.7.11, permite el acceso fuera de límites, relacionado con \x00 en un literal de cadena. • https://github.com/DaveGamble/cJSON/compare/c69134d...93688cb https://github.com/DaveGamble/cJSON/issues/337 https://github.com/DaveGamble/cJSON/releases/tag/v1.7.11 https://www.oracle.com/security-alerts/cpuoct2020.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •