Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-fqq7-vx9f-v496

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.

Ссылки

EPSS

Процентиль: 64%
0.00467
Низкий

7.5 High

CVSS3

CVE ID

CVE-2019-1010239

Дефекты

CWE-476
CWE-754

Связанные уязвимости

ubuntu логотип

CVE-2019-1010239

CVSS3: 7.5
ubuntu
больше 6 лет назад

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.

nvd логотип

CVE-2019-1010239

CVSS3: 7.5
nvd
больше 6 лет назад

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.

debian логотип

CVE-2019-1010239

CVSS3: 7.5
debian
больше 6 лет назад

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusua ...

fstec логотип

BDU:2020-04950

CVSS3: 7.5
fstec
больше 6 лет назад

Уязвимость компонента Install (Dave Gamble/cJSON) реляционной базы данных на уровне приложений Oracle TimesTen In-Memory Database, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 64%
0.00467
Низкий

7.5 High

CVSS3

CVE ID

CVE-2019-1010239

Дефекты

CWE-476
CWE-754