M1Cha

Name of the Vulnerable Software and Affected Versions: Zephyr versions 1.14.0 and later, 2.5.0 and later Description: The Zephyr JSON decoder incorrectly decodes an array of arrays, which can lead to an attempt to access a child of a non-structure pointer. This issue is related to CWE-588. Recommendations: For versions 1.14.0 and later, and 2.5.0 and later, update to a version that contains the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.