Up-Wind

**Name of the Vulnerable Software and Affected Versions** cJSON version 1.7.17 **Description** The issue is related to a segmentation violation that can be triggered through the second parameter of the `cJSON SetValuestring` function at `cJSON.c`. This can lead to a denial of service. The vulnerability is associated with null pointer dereference errors in the `cJSON SetValuestring` function of the cJSON library for working with JSON objects in C. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service. **Recommendations** For cJSON version 1.7.17, as a temporary workaround, consider disabling the `cJSON SetValuestring` function until a patch is available. Restrict access to the `cJSON.c` component to minimize the risk of exploitation. Avoid using the second parameter of the `cJSON SetValuestring` function in the affected `cJSON.c` file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.