CVE-2016-10749

Опубликовано: 29 апр. 2019

Источник: debian

EPSS Низкий

Описание

parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
cjson	not-affected			package

Примечания

https://github.com/DaveGamble/cJSON/issues/30
https://www.openwall.com/lists/oss-security/2016/11/07/2
https://github.com/DaveGamble/cJSON/commit/94df772485c92866ca417d92137747b2e3b0a917

EPSS

Процентиль: 68%

0.00571

Низкий

Связанные уязвимости

CVE-2016-10749

CVSS3: 9.8

ubuntu

почти 7 лет назад

parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character.

CVE-2016-10749

CVSS3: 9.8

nvd

почти 7 лет назад

parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character.

GHSA-6q52-cg2r-w8jw

CVSS3: 9.8

github

больше 3 лет назад

parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character.

EPSS

Процентиль: 68%

0.00571

Низкий