Vulnerabilities in cJSON project

2 results

CVE-2023-53154LOWparse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is calleEPSS 0.2%CVE-2023-26819LOWcJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,99999999999999999999999999999999999EPSS 0.2%