GHSA-8h4w-44qv-79mq

Опубликовано: 23 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 2.9

Описание

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

Ссылки

EPSS

Процентиль: 4%

0.00018

Низкий

2.9 Low

CVSS3

CVE ID

CVE-2023-53154

Дефекты

CWE-125

Связанные уязвимости

CVE-2023-53154

CVSS3: 2.9

ubuntu

8 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

CVE-2023-53154

CVSS3: 5.1

redhat

8 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

CVE-2023-53154

CVSS3: 2.9

nvd

8 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

CVE-2023-53154

CVSS3: 2.9

msrc

5 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

CVE-2023-53154

CVSS3: 2.9

debian

8 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read ...

EPSS

Процентиль: 4%

0.00018

Низкий

2.9 Low

CVSS3

CVE ID

CVE-2023-53154

Дефекты

CWE-125