CVE-2023-50471

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 14, 2023

Updated: Apr 23, 2024

CWE ID 476

Summary

CVE-2023-50471 is a segmentation vulnerability affecting version 1.7.16 of the popular cJSON library. The issue lies within the function "cJSON_InsertItemInArray" in the file "cJSON.c." An attacker can exploit this flaw by inserting specially crafted data into an array, leading to a buffer overflow and potentially executing arbitrary code. This vulnerability poses a serious risk and requires immediate patching to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tw5h2C
https://www.cve.org/CVERecord?id=CVE-2023-50471
https://nvd.nist.gov/vuln/detail/CVE-2023-50471

Back to Vulnerability Database

CVE-2023-50471

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations