CNNVD-202509-333 Information

CNNVD ID

CNNVD-202509-333

Related CVE

CVE-2025-57052

• CNNVD Published: 2025-09-03

Description (Chinese)

cJSON是Dave Gamble个人开发者的一款轻量级的开源JSON解析器。 cJSON 1.7.18及之前版本存在安全漏洞，该漏洞源于decode_array_index_from_pointer函数存在越界访问漏洞，可能导致绕过数组边界检查。

Description (English)

cJSON is a lightweight, open-source JSON solver for Dave Gamble personal developers. cJSON 1.7.18 and previous versions contain a security loophole, which stems from a breach of cross-border access in the decode array index from pointer function, which may lead to the circumvention of several clusters of border checks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-03

Last Modified

2026-02-24

References

https://x-0r.com/posts/cJSON-Array-Index-Parsing-Vulnerability