CVE-2025-57052

ADVISORY - nist

Summary

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.

EPSS Score: 0.00693 (0.485)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Out-of-bounds Read

Improper Validation of Array Index

ADVISORY - redhat

Improper Validation of Array Index


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in