VDB
CVE-2023-53154
CVE-2023-53154
PUBLISHED
CVSS 2.9000000953674316 LOW
parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.
EPSS 0.09% · 25.4th percentile
Risk Scores
CVSS 3.1
2.9000000953674316
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
0.09%
25.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cJSON project | cJSON | 0, 0 |
| cjson_project | cjson | 0, 0, 0 |
Timeline
- May 23, 2025 CVE Published
- May 23, 2025 Coalition ESS Score
- May 23, 2025 PoC Published
- May 24, 2025 EPSS Score
- May 28, 2025 Coalition ESS Score
- Jun 4, 2025 EPSS Score
- Jun 15, 2025 EPSS Score
- Jun 16, 2025 Coalition ESS Score
- Jun 26, 2025 EPSS Score
- Jul 7, 2025 EPSS Score
- Jul 18, 2025 EPSS Score
- Jul 22, 2025 Coalition ESS Score