Arduino Json Project » Arduino Json : Security Vulnerabilities, CVEs,
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service (crash) via a JSON string with a \ (backslash) followed by a terminator, as demonstrated by "\\\0", which triggers a buffer overflow and over-read.
Max CVSS
5.0
EPSS Score
1.54%
Published
2015-06-22
Updated
2015-06-23
1 vulnerabilities found