CVE-2023-53154 Information

Description

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via \1:1 with no trailing newline if cJSON_ParseWithLength is called.

Reference

https://github.com/DaveGamble/cJSON/compare/v1.7.17...v1.7.18
https://github.com/DaveGamble/cJSON/issues/800
