You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.
mend-for-github-combot
changed the title
cjsonv1.7.10: 2 vulnerabilities (highest severity is: 9.8)
cjsonv1.7.10: 3 vulnerabilities (highest severity is: 9.8)
Dec 17, 2023
mend-for-github-combot
changed the title
cjsonv1.7.10: 3 vulnerabilities (highest severity is: 9.8)
cjsonv1.7.10: 4 vulnerabilities (highest severity is: 9.8)
Dec 17, 2023
mend-for-github-combot
changed the title
cjsonv1.7.10: 4 vulnerabilities (highest severity is: 9.8)
cjsonv1.7.10: 5 vulnerabilities (highest severity is: 9.8)
Apr 26, 2024
Vulnerable Library - cjsonv1.7.10
Library home page: https://github.com/junyanl-code/cjson.git
Vulnerable Source Files (1)
/vendor/cJSON-1.7.10/cJSON.c
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2019-11835
Vulnerable Library - cjsonv1.7.10
Library home page: https://github.com/junyanl-code/cjson.git
Found in base branch: main
Vulnerable Source Files (1)
/vendor/cJSON-1.7.10/cJSON.c
Vulnerability Details
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
Publish Date: 2019-05-09
URL: CVE-2019-11835
CVSS 3 Score Details (9.8)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11835
Release Date: 2019-05-09
Fix Resolution: v1.7.11
CVE-2019-11834
Vulnerable Library - cjsonv1.7.10
Library home page: https://github.com/junyanl-code/cjson.git
Found in base branch: main
Vulnerable Source Files (1)
/vendor/cJSON-1.7.10/cJSON.c
Vulnerability Details
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
Publish Date: 2019-05-09
URL: CVE-2019-11834
CVSS 3 Score Details (9.8)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11835
Release Date: 2019-05-09
Fix Resolution: v1.7.11
CVE-2024-31755
Vulnerable Library - cjsonv1.7.10
Library home page: https://github.com/junyanl-code/cjson.git
Found in base branch: main
Vulnerable Source Files (1)
/vendor/cJSON-1.7.10/cJSON.c
Vulnerability Details
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.
Publish Date: 2024-04-26
URL: CVE-2024-31755
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Release Date: 2024-04-26
Fix Resolution: 7e4d5dabe7a9b754c601f214e65b544e67ba9f59
CVE-2023-50472
Vulnerable Library - cjsonv1.7.10
Library home page: https://github.com/junyanl-code/cjson.git
Found in base branch: main
Vulnerable Source Files (1)
/vendor/cJSON-1.7.10/cJSON.c
Vulnerability Details
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c.
Publish Date: 2023-12-14
URL: CVE-2023-50472
CVSS 3 Score Details (7.5)
Base Score Metrics:
CVE-2023-50471
Vulnerable Library - cjsonv1.7.10
Library home page: https://github.com/junyanl-code/cjson.git
Found in base branch: main
Vulnerable Source Files (1)
/vendor/cJSON-1.7.10/cJSON.c
Vulnerability Details
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c.
Publish Date: 2023-12-14
URL: CVE-2023-50471
CVSS 3 Score Details (7.5)
Base Score Metrics:
The text was updated successfully, but these errors were encountered: