Описание
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cjson | fixed | 1.7.18-1 | package | |
| cjson | fixed | 1.7.15-1+deb12u2 | bookworm | package |
| cjson | fixed | 1.7.14-1+deb11u1 | bullseye | package |
| cjson | postponed | buster | package |
Примечания
https://github.com/DaveGamble/cJSON/issues/839
https://github.com/DaveGamble/cJSON/pull/840
https://github.com/DaveGamble/cJSON/commit/7e4d5dabe7a9b754c601f214e65b544e67ba9f59 (v1.7.18)
EPSS
Связанные уязвимости
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.
EPSS