Описание
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.7.19-2 |
| esm-apps/focal | released | 1.7.10-1.1ubuntu0.1~esm1 |
| esm-apps/jammy | released | 1.7.15-1ubuntu0.1 |
| esm-apps/noble | released | 1.7.17-1ubuntu0.1~esm3 |
| jammy | released | 1.7.15-1ubuntu0.1 |
| noble | needed | |
| plucky | ignored | end of life, was needed |
| questing | released | 1.7.18-3.1ubuntu0.1 |
| upstream | released | 1.7.19 |
Показывать по
Ссылки на источники
9.8 Critical
CVSS3
Связанные уязвимости
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_ ...
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
9.8 Critical
CVSS3