CVE-2022-45494

HIGH

json.h < 2022-11-14 - Buffer Overflow in json_parse_object

Title source: llm
STIX 2.1

Description

Buffer overflow vulnerability in function json_parse_object in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges.

References (4)

Core 4
Core References
Issue Tracking, Patch, Third Party Advisory
https://github.com/sheredom/json.h/issues/93
Issue Tracking, Patch, Third Party Advisory
https://github.com/sheredom/json.h/issues/97

Scores

CVSS v3 7.8
EPSS 0.0041
EPSS Percentile 33.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (1)
json.h_project/json.h < 2022-11-14
Published Jan 31, 2023
Tracked Since Feb 18, 2026