Unrated severityNVD Advisory· Published Jun 22, 2015· Updated Jun 17, 2026
CVE-2015-4590
CVE-2015-4590
Description
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service (crash) via a JSON string with a \ (backslash) followed by a terminator, as demonstrated by "\\\0", which triggers a buffer overflow and over-read.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:arduino_json_project:arduino_json:*:*:*:*:*:*:*:*Range: <=4.4
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.