CVE-2023-53154

Опубликовано: 23 мая 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 2.9

Описание

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

Релиз	Статус	Примечание
devel	not-affected
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
focal	ignored	end of standard support, was needs-triage
jammy	needs-triage
noble	needs-triage
oracular	not-affected	1.7.18-3
plucky	not-affected
questing	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 4%

0.00018

Низкий

2.9 Low

CVSS3

Связанные уязвимости

CVE-2023-53154

CVSS3: 5.1

redhat

8 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

CVE-2023-53154

CVSS3: 2.9

nvd

8 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

CVE-2023-53154

CVSS3: 2.9

msrc

5 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

CVE-2023-53154

CVSS3: 2.9

debian

8 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read ...

GHSA-8h4w-44qv-79mq

CVSS3: 2.9

github

8 месяцев назад

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

EPSS

Процентиль: 4%

0.00018

Низкий

2.9 Low

CVSS3

CVE-2023-53154

Описание

Пакет cjson

Ссылки на источники

Связанные уязвимости