Vulnerability Description
Buffer overflow vulnerability in function json_parse_object in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Json.H Project | Json.H | < 2022-11-14 |
Related Weaknesses (CWE)
References
- https://github.com/hyrathon/trophies/security/advisories/GHSA-wvpq-p7pp-cj6mExploitThird Party Advisory
- https://github.com/sheredom/json.hProductThird Party Advisory
- https://github.com/sheredom/json.h/issues/93Issue TrackingPatchThird Party Advisory
- https://github.com/sheredom/json.h/issues/97Issue TrackingPatchThird Party Advisory
- https://github.com/hyrathon/trophies/security/advisories/GHSA-wvpq-p7pp-cj6mExploitThird Party Advisory
- https://github.com/sheredom/json.hProductThird Party Advisory
- https://github.com/sheredom/json.h/issues/93Issue TrackingPatchThird Party Advisory
- https://github.com/sheredom/json.h/issues/97Issue TrackingPatchThird Party Advisory
FAQ
What is CVE-2022-45494?
CVE-2022-45494 is a vulnerability with a CVSS score of 7.8 (HIGH). Buffer overflow vulnerability in function json_parse_object in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gai...
How severe is CVE-2022-45494?
CVE-2022-45494 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-45494?
Check the references section above for vendor advisories and patch information. Affected products include: Json.H Project Json.H.