Cjson · Cjson · CVE-2025-57052
**Name of the Vulnerable Software and Affected Versions**
cJSON versions 1.5.0 through 1.7.18
**Description**
cJSON versions 1.5.0 through 1.7.18 contain an out-of-bounds access issue within the `decode_array_index_from_pointer` function located in `cJSON_Utils.c`. This allows attackers to bypass array bounds checking and potentially access restricted data by providing malformed JSON pointer strings that include alphanumeric characters.
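The validation an array-index token needs before any bounds check, shown as an added example that is not cJSON's source code: a strict RFC 6901 index parser that rejects tokens containing anything other than decimal digits. The names `parse_array_index` and `resolve_index` and the sample tokens are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not cJSON's API): parse one JSON pointer reference
 * token as an array index. The token ends at '/' or NUL.
 * Returns 1 and stores the value in *index on success, 0 on rejection. */
static int parse_array_index(const char *p, size_t *index)
{
    size_t value = 0;
    size_t pos;

    if (p == NULL || index == NULL) return 0;
    /* RFC 6901: an index is "0" or digits without a leading zero. */
    if (p[0] == '0' && p[1] != '\0' && p[1] != '/') return 0;

    /* Both range checks apply to the character at the current position. */
    for (pos = 0; p[pos] >= '0' && p[pos] <= '9'; pos++) {
        size_t digit = (size_t)(p[pos] - '0');
        if (value > (SIZE_MAX - digit) / 10) return 0; /* would overflow */
        value = value * 10 + digit;
    }
    if (pos == 0) return 0;                        /* no digits at all */
    if (p[pos] != '\0' && p[pos] != '/') return 0; /* trailing junk, e.g. "1A" */

    *index = value;
    return 1;
}

/* Resolve a token against an array of `count` elements.
 * Returns the index, or -1 if the token is malformed or out of range. */
static long resolve_index(const char *token, size_t count)
{
    size_t idx;
    if (!parse_array_index(token, &idx)) return -1;
    if (idx >= count) return -1;
    return (long)idx;
}

int main(void)
{
    /* Constructed sample tokens, resolved against a 3-element array. */
    const char *tokens[] = { "0", "2", "3", "1A", "01", "", "1/name" };
    size_t i;
    for (i = 0; i < sizeof tokens / sizeof tokens[0]; i++)
        printf("\"%s\" -> %ld\n", tokens[i], resolve_index(tokens[i], 3));
    return 0;
}
```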
**Recommendations**
Update cJSON to a version later than 1.7.18.