VYPR
Critical severity9.8NVD Advisory· Published Sep 26, 2016· Updated Jun 17, 2026

CVE-2016-4303

CVE-2016-4303

Description

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.