Information on source package cjson

Available versions

Release	Version
buster	1.7.10-1.1+deb10u1
buster (security)	1.7.10-1.1+deb10u2
bullseye	1.7.14-1
bookworm	1.7.15-1
trixie	1.7.17-2
sid	1.7.17-2

Open issues

Bug	buster	bullseye	bookworm	trixie	sid	Description
CVE-2023-50471	fixed	vulnerable (no DSA)	vulnerable (no DSA)	fixed	fixed	cJSON v1.7.16 was discovered to contain a segmentation violation via t ...

Open unimportant issues

Bug	buster	bullseye	bookworm	trixie	sid	Description
CVE-2023-50472	fixed	vulnerable	vulnerable	fixed	fixed	cJSON v1.7.16 was discovered to contain a segmentation violation via t ...

Resolved issues

Bug	Description
CVE-2019-1010239	DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusua ...
CVE-2019-11835	cJSON before 1.7.11 allows out-of-bounds access, related to multiline ...
CVE-2019-11834	cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a ...
CVE-2018-1000217	Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use Af ...
CVE-2018-1000216	Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double ...
CVE-2018-1000215	Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnera ...
CVE-2016-10749	parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-r ...

Security announcements

DSA / DLA	Description
DLA-3700-1	cjson - security update