PT-2025-4004 · Cesanta · Cesanta Frozen

Diego Zaffaroni · Published 2025-01-27 · Updated 2025-01-27 · CVE-2025-0695

CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions
Cesanta Frozen versions less than 1.7

Description
An Allocation of Resources Without Limits or Throttling issue allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input.

Recommendations
For Cesanta Frozen versions less than 1.7, update to version 1.7 or later to resolve the issue. As a temporary workaround, consider validating and sanitizing all JSON inputs to prevent maliciously crafted data from being processed. Restrict access to components that embed the Cesanta Frozen library to minimize the risk of exploitation.

Fix

Weakness Enumeration
Allocation of Resources Without Limits

Related Identifiers
CVE-2025-0695

Affected Products
Cesanta Frozen