Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 579
Alerts This Week
Warning Icon 1 579

Fedora 44 cjson Moderate Out-of-Bounds Access Issues FEDORA-2026-0c3f6c7c67

fedora
Calendar Grey July 10, 2026
Dist Fedora Esm H88
The Fedora 44 security advisory discusses cjson update 1.7.19 addressing moderate severity vulnerabilities and their impact.
Update to version 1.7.19

Summary

cJSON aims to be the dumbest possible parser that you can get your job

done with. It's a single file of C, and a single header file.

Update Information:

Update to version 1.7.19. https://github.com/DaveGamble/cJSON/blob/v1.7.19/CHANGELOG.md

Change Log

* Wed Jul 1 2026 Carl George - 1.7.19-1 - Update to version 1.7.19 rhbz#2394084

References


[ 1 ] Bug #2495843 - CVE-2025-57052 cjson: out-of-bounds access in decode_array_index_from_pointer() in cJSON_Utils.c via crafted JSON pointer strings [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2495843 [ 2 ] Bug #2495846 - CVE-2023-26819 cjson: cJSON rejects a valid text [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2495846

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0c3f6c7c67' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
moderate
Lowest
Low
Medium
High
Critical

Name: cjson
Product: Fedora 44
Version: 1.7.19
Release: 1.fc44
Summary: Ultralightweight JSON parser in ANSI C

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.