Explore top 10 tips to secure your open-source projects now. Read More
×cJSON aims to be the dumbest possible parser that you can get your job
done with. It's a single file of C, and a single header file.
Update Information:
Update to version 1.7.19. https://github.com/DaveGamble/cJSON/blob/v1.7.19/CHANGELOG.md
* Wed Jul 1 2026 Carl George
[ 1 ] Bug #2495843 - CVE-2025-57052 cjson: out-of-bounds access in decode_array_index_from_pointer() in cJSON_Utils.c via crafted JSON pointer strings [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2495843
[ 2 ] Bug #2495846 - CVE-2023-26819 cjson: cJSON rejects a valid text [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2495846
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0c3f6c7c67' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.