CVE & CISA-KEV Catalog

CVE-2024-31755

HIGH
7.6
CVSS v3
NVD

Description

cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.

How to fix

Remediation Available
cjsonDebian
Fixed in:1.7.14-1+deb11u1CVE-2024-31755
Fixed in:1.7.15-1+deb12u2CVE-2024-31755
Fixed in:1.7.18-1CVE-2024-31755
Fixed in:1.7.18-1CVE-2024-31755
ansible-collection-redhat-satelliteRocky
Fixed in:0:4.2.1-1.el8satRHSA-2025:9203
Fixed in:0:4.2.1-1.el8satRHSA-2025:9203
Fixed in:0:4.2.1-1.el9satRHSA-2025:9203
Fixed in:0:5.1.1-1.el9satRHSA-2025:9022
Fixed in:0:4.2.1-1.el9satRHSA-2025:9203
Fixed in:0:5.1.1-1.el9satRHSA-2025:9022
ansible-collection-redhat-satelliteRed Hat / RHEL
Fixed in:0:4.2.1-1.el8satRHSA-2025:9203
Fixed in:0:4.2.1-1.el8satRHSA-2025:9203
Fixed in:0:5.1.1-1.el9satRHSA-2025:9022
Fixed in:0:4.2.1-1.el9satRHSA-2025:9203
Fixed in:0:4.2.1-1.el9satRHSA-2025:9203
Fixed in:0:5.1.1-1.el9satRHSA-2025:9022
cjsonRed Hat / RHEL
Fixed in:0:1.7.18-1.el8satRHSA-2025:9838
Fixed in:0:1.7.18-1.el8satRHSA-2025:9203
Fixed in:0:1.7.18-1.el8satRHSA-2025:9838
Fixed in:0:1.7.18-1.el8satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9022
Fixed in:0:1.7.18-1.el9satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9022
cjsonRocky
Fixed in:0:1.7.18-1.el8satRHSA-2025:9203
Fixed in:0:1.7.18-1.el8satRHSA-2025:9838
Fixed in:0:1.7.18-1.el8satRHSA-2025:9838
Fixed in:0:1.7.18-1.el8satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9022
Fixed in:0:1.7.18-1.el9satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9022
Fixed in:0:1.7.18-1.el9satRHSA-2025:9203
cjson-debuginfoRocky
Fixed in:0:1.7.18-1.el8satRHSA-2025:9838
Fixed in:0:1.7.18-1.el8satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9022
cjson-debuginfoRed Hat / RHEL
Fixed in:0:1.7.18-1.el8satRHSA-2025:9838
Fixed in:0:1.7.18-1.el8satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9022
Fixed in:0:1.7.18-1.el9satRHSA-2025:9203
cjson-debugsourceRocky
Fixed in:0:1.7.18-1.el8satRHSA-2025:9203
Fixed in:0:1.7.18-1.el8satRHSA-2025:9838
Fixed in:0:1.7.18-1.el9satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9022
cjson-debugsourceRed Hat / RHEL
Fixed in:0:1.7.18-1.el8satRHSA-2025:9203
Fixed in:0:1.7.18-1.el8satRHSA-2025:9838
Fixed in:0:1.7.18-1.el9satRHSA-2025:9203
Fixed in:0:1.7.18-1.el9satRHSA-2025:9022
foremanRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foremanRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-cliRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-cliRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-debugRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-debugRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-dynflow-sidekiqRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-dynflow-sidekiqRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-ec2Red Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-ec2Rocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-installerRocky
Fixed in:1:3.14.0.2-1.el9satRHSA-2025:9022
Fixed in:1:3.14.0.2-1.el9satRHSA-2025:9022
foreman-installerRed Hat / RHEL
Fixed in:1:3.14.0.2-1.el9satRHSA-2025:9022
Fixed in:1:3.14.0.2-1.el9satRHSA-2025:9022
foreman-installer-katelloRocky
Fixed in:1:3.14.0.2-1.el9satRHSA-2025:9022
foreman-installer-katelloRed Hat / RHEL
Fixed in:1:3.14.0.2-1.el9satRHSA-2025:9022
foreman-journaldRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-journaldRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-libvirtRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-libvirtRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-openstackRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-openstackRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-ovirtRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-ovirtRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-pcpRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-pcpRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-postgresqlRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-postgresqlRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-redisRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-redisRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-serviceRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-serviceRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-telemetryRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-telemetryRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-vmwareRocky
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
foreman-vmwareRed Hat / RHEL
Fixed in:0:3.14.0.3-1.el9satRHSA-2025:9022
python-pulp-rpmRocky
Fixed in:0:3.27.3-1.el9pcRHSA-2025:9022
python-pulp-rpmRed Hat / RHEL
Fixed in:0:3.27.3-1.el9pcRHSA-2025:9022
python-pulpcoreRocky
Fixed in:0:3.63.17-1.el9pcRHSA-2025:9022
python-pulpcoreRed Hat / RHEL
Fixed in:0:3.63.17-1.el9pcRHSA-2025:9022
python-sqlparseRed Hat / RHEL
Fixed in:0:0.5.0-1.el8pcRHSA-2025:9838
python-sqlparseRocky
Fixed in:0:0.5.0-1.el8pcRHSA-2025:9838
python3.11-pulp-rpmRocky
Fixed in:0:3.27.3-1.el9pcRHSA-2025:9022
python3.11-pulp-rpmRed Hat / RHEL
Fixed in:0:3.27.3-1.el9pcRHSA-2025:9022
python3.11-pulpcoreRed Hat / RHEL
Fixed in:0:3.63.17-1.el9pcRHSA-2025:9022
python3.11-pulpcoreRocky
Fixed in:0:3.63.17-1.el9pcRHSA-2025:9022
python3.11-sqlparseRocky
Fixed in:0:0.5.0-1.el8pcRHSA-2025:9838
python3.11-sqlparseRed Hat / RHEL
Fixed in:0:0.5.0-1.el8pcRHSA-2025:9838
rubygem-foreman_rh_cloudRocky
Fixed in:0:9.0.61-1.el8satRHSA-2025:9838
Fixed in:0:10.0.6-1.el8satRHSA-2025:9203
Fixed in:0:10.0.6-1.el8satRHSA-2025:9203
Fixed in:0:9.0.61-1.el8satRHSA-2025:9838
Fixed in:0:10.0.6-1.el9satRHSA-2025:9203
Fixed in:0:11.4.1-1.el9satRHSA-2025:9022
Fixed in:0:10.0.6-1.el9satRHSA-2025:9203
Fixed in:0:11.4.1-1.el9satRHSA-2025:9022
rubygem-foreman_rh_cloudRed Hat / RHEL
Fixed in:0:10.0.6-1.el8satRHSA-2025:9203
Fixed in:0:9.0.61-1.el8satRHSA-2025:9838
Fixed in:0:10.0.6-1.el8satRHSA-2025:9203
Fixed in:0:9.0.61-1.el8satRHSA-2025:9838
Fixed in:0:10.0.6-1.el9satRHSA-2025:9203
Fixed in:0:11.4.1-1.el9satRHSA-2025:9022
Fixed in:0:10.0.6-1.el9satRHSA-2025:9203
Fixed in:0:11.4.1-1.el9satRHSA-2025:9022
rubygem-foreman_theme_satelliteRed Hat / RHEL
Fixed in:0:14.3.3-1.el9satRHSA-2025:9022
Fixed in:0:14.3.3-1.el9satRHSA-2025:9022
rubygem-foreman_theme_satelliteRocky
Fixed in:0:14.3.3-1.el9satRHSA-2025:9022
Fixed in:0:14.3.3-1.el9satRHSA-2025:9022
rubygem-hammer_cli_katelloRocky
Fixed in:0:1.16.1.1-1.el9satRHSA-2025:9022
Fixed in:0:1.16.1.1-1.el9satRHSA-2025:9022
rubygem-hammer_cli_katelloRed Hat / RHEL
Fixed in:0:1.16.1.1-1.el9satRHSA-2025:9022
Fixed in:0:1.16.1.1-1.el9satRHSA-2025:9022
rubygem-katelloRocky
Fixed in:0:4.16.0.5-1.el9satRHSA-2025:9022
Fixed in:0:4.16.0.5-1.el9satRHSA-2025:9022
rubygem-katelloRed Hat / RHEL
Fixed in:0:4.16.0.5-1.el9satRHSA-2025:9022
Fixed in:0:4.16.0.5-1.el9satRHSA-2025:9022
rubygem-rackRed Hat / RHEL
Fixed in:0:2.2.14-1.el8satRHSA-2025:9838
Fixed in:0:2.2.14-1.el8satRHSA-2025:9838
rubygem-rackRocky
Fixed in:0:2.2.14-1.el8satRHSA-2025:9838
Fixed in:0:2.2.14-1.el8satRHSA-2025:9838
satelliteRocky
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
satelliteRed Hat / RHEL
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
satellite-capsuleRocky
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
satellite-capsuleRed Hat / RHEL
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
satellite-cliRocky
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
satellite-cliRed Hat / RHEL
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
satellite-commonRed Hat / RHEL
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
satellite-commonRocky
Fixed in:0:6.16.5.2-1.el8satRHSA-2025:9203
Fixed in:0:6.15.5.3-1.el8satRHSA-2025:9838
Fixed in:0:6.16.5.2-1.el9satRHSA-2025:9203
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
satellite-lifecycleRocky
Fixed in:0:6.17.0-2.el9satRHSA-2025:9022
Fixed in:0:6.17.0-2.el9satRHSA-2025:9022
satellite-lifecycleRed Hat / RHEL
Fixed in:0:6.17.0-2.el9satRHSA-2025:9022
Fixed in:0:6.17.0-2.el9satRHSA-2025:9022
satellite-obsolete-packagesRocky
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
satellite-obsolete-packagesRed Hat / RHEL
Fixed in:0:6.17.1-1.el9satRHSA-2025:9022
cjsonUbuntu
Fixed in:1.7.15-1ubuntu0.1~esm2USN-6784-1
Fixed in:1.7.16-1ubuntu0.2USN-6784-1
Fixed in:1.7.17-1ubuntu0.1~esm2USN-6784-1
libcjson1Ubuntu
Fixed in:1.7.15-1ubuntu0.1~esm2USN-6784-1
Fixed in:1.7.16-1ubuntu0.2USN-6784-1
Fixed in:1.7.17-1ubuntu0.1~esm2USN-6784-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityLow
IntegrityLow
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Exploit Intelligence

0.65%probability of exploitation in 30 days
47thpercentile

Moderate risk: more likely to be exploited than 47% of all known CVEs.

References

Exploit1

Related Vulnerabilities

Other CWE-476 (NULL Pointer Dereference) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-21758High7.592%-Fix
CVE-2023-21547High7.588%-Fix
CVE-2014-3470Medium4.386%-Fix
CVE-2021-44224High8.282%-Fix
CVE-2016-0742High7.582%-Fix
CVE-2009-1386Medium5.080%-Fix
Embed a live status badge for CVE-2024-31755
CVE-2024-31755 severity badge

Markdown

[![CVE-2024-31755](https://tridentstack.com/cve/badge/CVE-2024-31755.svg)](https://tridentstack.com/cve/CVE-2024-31755)

HTML

<a href="https://tridentstack.com/cve/CVE-2024-31755"><img src="https://tridentstack.com/cve/badge/CVE-2024-31755.svg" alt="CVE-2024-31755"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-06-30.