cbcvebase.
CVE-2019-11835
published 2019-05-09

CVE-2019-11835: cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.

Affected

12 ranges
VendorProductVersion rangeFixed in
davegamblecjson< 1.7.111.7.11
davegamblecjson>= 0 < 1.7.10-1.11.7.10-1.1
davegamblecjson>= 0 < 1.7.10-1.11.7.10-1.1
davegamblecjson>= 0 < 1.7.10-1.11.7.10-1.1
davegamblecjson>= 0 < 1.7.10-1.11.7.10-1.1
debiancjson< cjson 1.7.10-1.1 (bookworm)cjson 1.7.10-1.1 (bookworm)
msrcazl3_ceph_18.2.2-8_on_azure_linux_3.0
msrcazl3_libglvnd_1.7.0-2_on_azure_linux_3.0
msrcazure_linux_3.0_arm
msrcazure_linux_3.0_x64
msrccbl2_pytorch_2.5.1-1_on_cbl_mariner_2.0
oracletimesten_in-memory_database< 18.1.3.1.018.1.3.1.0

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL