CVE Daily

CVE-2019-1010239

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Excep...

High CVSS 7.5

Overview

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.

CWE: CWE-476 Published: 2019-07-19T17:15:11.783
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.5 (HIGH)
  • Detected tags: dos (tag impact: LOW)

Recommended actions:

  • Rate limiting, resource quotas and circuit breakers.

Recommended tools

Tags