Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4
2021-10-05T21:15:09.353
2024-11-21T06:21:43.033
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | zephyrproject | zephyr | 1.14.0 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.0 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.0 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.0 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.1 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.1 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.1 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.1 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.2 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.3 | Yes |
| Operating System | zephyrproject | zephyr | 1.14.3 | Yes |
| Operating System | zephyrproject | zephyr | 2.5.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.5.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.5.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.5.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.5.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.5.1 | Yes |
| Operating System | zephyrproject | zephyr | 2.6.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.6.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.6.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.6.0 | Yes |
| Operating System | zephyrproject | zephyr | 2.6.1 | Yes |