RSS   Vulnerabilities for 'Cjson'   RSS

2019-07-19
 
CVE-2019-1010239

CWE-754
 

 
DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.

 
2019-05-09
 
CVE-2019-11835

CWE-119
 

 
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.

 
 
CVE-2019-11834

CWE-119
 

 
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.

 
2018-08-20
 
CVE-2018-1000215

CWE-772
 

 
Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service (DoS). This attack appear to be exploitable via If the attacker can force the data to be printed and the system is in low memory it can force a leak of memory. This vulnerability appears to have been fixed in 1.7.7.

 


Copyright 2024, cxsecurity.com

 

Back to Top