Bugs fixes in "cjson"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2025-57052 | cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers t | 2026-01-26 |
| CVE | CVE-2023-53154 | parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called. | 2026-01-26 |
| CVE | CVE-2023-26819 | cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,99999999999999999999999999999999999999999999 | 2026-01-26 |
| CVE | CVE-2025-57052 | cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers t | 2026-01-26 |
| CVE | CVE-2025-57052 | cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers t | 2026-01-26 |
| CVE | CVE-2023-53154 | parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called. | 2026-01-26 |
| CVE | CVE-2023-26819 | cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,99999999999999999999999999999999999999999999 | 2026-01-26 |
| CVE | CVE-2025-57052 | cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers t | 2026-01-26 |
About
-
Send Feedback to @ubuntu_updates
