Name of the Vulnerable Software and Affected Versions ArduinoJson version V704HB22

Description A heap buffer overflow issue was identified, which can cause a crash. The issue is related to the MsgPackDeserializer in the ArduinoJson library. The crash occurs due to a heap-buffer-overflow write.

Recommendations For ArduinoJson version V704HB22, consider restricting the use of the MsgPackDeserializer until a patch is available. As a temporary workaround, avoid using the MsgPackDeserializer to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.