VDB
CVE-2023-50471
CVE-2023-50471
PUBLISHED
CVSS 7.5 HIGH
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c.
EPSS 0.22% · 45.2th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.22%
45.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | *, n/a |
| davegamble | cjson | 1.7.16, 1.7.16, 1.7.16 |
Timeline
- Dec 14, 2023 CVE Published
- Dec 15, 2023 EPSS Score
- Dec 19, 2023 PoC Published
- Jan 11, 2024 PoC Published
- Jan 13, 2024 EPSS Score
- Mar 12, 2024 EPSS Score
- Apr 10, 2024 EPSS Score
- May 9, 2024 EPSS Score
- Jul 6, 2024 EPSS Score
- Aug 4, 2024 EPSS Score
- Sep 3, 2024 EPSS Score
- Oct 2, 2024 EPSS Score
References
- https://github.com/DaveGamble/cJSON/issues/802 url
- [debian-lts-announce] 20231230 [SECURITY] [DLA 3700-1] cjson security update mailing-list
- FEDORA-2024-74563262c0 vendor-advisory
- FEDORA-2024-b93a6b1325 vendor-advisory
- FEDORA-2024-5b487ca10a vendor-advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQOQ7CAOYBNHGAMNOR7ELGLC22HV3ZQV/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EO4XCUTY3ZMVW4YBG6DBYVS5NSMNP6JY/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSI3LL6ZNKYNM5JKPA5FKZTATL4MPF7V/ url
- https://nvd.nist.gov/vuln/detail/CVE-2023-50471 advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EO4XCUTY3ZMVW4YBG6DBYVS5NSMNP6JY url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSI3LL6ZNKYNM5JKPA5FKZTATL4MPF7V url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQOQ7CAOYBNHGAMNOR7ELGLC22HV3ZQV url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EO4XCUTY3ZMVW4YBG6DBYVS5NSMNP6JY url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSI3LL6ZNKYNM5JKPA5FKZTATL4MPF7V url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQOQ7CAOYBNHGAMNOR7ELGLC22HV3ZQV url