
CVE-2023-53154
https://notcve.org/view.php?id=CVE-2023-53154
23 May 2025 — parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via the input {"1":1 with no trailing newline when cJSON_ParseWithLength is called. • https://github.com/DaveGamble/cJSON/compare/v1.7.17...v1.7.18 • CWE-125: Out-of-bounds Read

CVE-2023-50471 – cjson: segmentation violation in function cJSON_InsertItemInArray
https://notcve.org/view.php?id=CVE-2023-50471
14 Dec 2023 — cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. A flaw was discovered in the cJSON package. Certain input conditions may trigger a null pointer dereference, which can lead to a denial of service. An update that fixes three vulnerabilities is now available. • https://github.com/DaveGamble/cJSON/issues/802 • CWE-476: NULL Pointer Dereference

CVE-2023-50472 – cjson: segmentation violation in function cJSON_SetValuestring
https://notcve.org/view.php?id=CVE-2023-50472
14 Dec 2023 — cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c. A flaw was discovered in the cJSON package. Certain input conditions may trigger a null pointer dereference, which can lead to a denial of service. An update that fixes three vulnerabilities is now available. • https://github.com/DaveGamble/cJSON/issues/803 • CWE-476: NULL Pointer Dereference