CVE-2019-1010239
published 2019-07-19CVE-2019-1010239: DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| davegamble | cjson | — | — |
| davegamble | cjson | >= 0 < 1.7.10-1 | 1.7.10-1 |
| davegamble | cjson | >= 0 < 1.7.10-1 | 1.7.10-1 |
| davegamble | cjson | >= 0 < 1.7.10-1 | 1.7.10-1 |
| davegamble | cjson | >= 0 < 1.7.10-1 | 1.7.10-1 |
| davegamble | cjson_cjson | — | — |
| debian | cjson | < cjson 1.7.10-1 (bookworm) | cjson 1.7.10-1 (bookworm) |
| oracle | timesten_in-memory_database | < 18.1.3.1.0 | 18.1.3.1.0 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH