Vulnerable dependency: cJSON affected by CVE-2025-57052

### Description
Hello,

While reviewing the dependencies of this project, We noticed that **cJSON** is being used and is affected by a critical vulnerability:

- **CVE**: [CVE-2025-57052]( https://nvd.nist.gov/vuln/detail/CVE-2025-57052)(https://github.com/advisories/GHSA-98j5-4649-rfv2): AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H  
- **Publication Date**: 2025-09-03  
- **Description**: 

> cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.


### Impact
This vulnerability could potentially allow full compromise (Confidentiality, Integrity, Availability). Given the severity (CVSS 9.8), it is strongly recommended to update or replace the vulnerable dependency as soon as possible.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Vulnerable dependency: cJSON affected by CVE-2025-57052 #42

Description

Impact

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerable dependency: cJSON affected by CVE-2025-57052 #42

Description

Description

Impact

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions