CVE-2016-10749

Published April 29th, 2019

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character.

DaveGamble/cJSON

Ultralightweight JSON parser in ANSI C

GitHub

12.8K