Vulnerabilities > Cjson Project > Cjson > 1.5.1

DATE CVE VULNERABILITY TITLE RISK
2019-05-09 CVE-2019-11835 Out-of-bounds Write vulnerability in multiple products
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
network
low complexity
cjson-project oracle CWE-787
critical
 9.8
9.8
2019-05-09 CVE-2019-11834 Out-of-bounds Write vulnerability in multiple products
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
network
low complexity
cjson-project oracle CWE-787
critical
 9.8
9.8
2018-08-20 CVE-2018-1000217 Use After Free vulnerability in Cjson Project Cjson
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE.
network
low complexity
cjson-project CWE-416
critical
 9.8
9.8
2018-08-20 CVE-2018-1000216 Double Free vulnerability in Cjson Project Cjson
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE.
network
low complexity
cjson-project CWE-415
8.8
8.8
2018-08-20 CVE-2018-1000215 Missing Release of Resource after Effective Lifetime vulnerability in Cjson Project Cjson
Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service (DoS).
network
low complexity
cjson-project CWE-772
7.5
7.5