CVE-2022-45491

7.8 HIGH

📋 TL;DR

This is a buffer overflow vulnerability in the json_parse_value function of the sheredom json.h library. It allows attackers to execute arbitrary code and potentially gain escalated privileges on systems using vulnerable versions. Any application or system that incorporates this JSON parsing library is affected.

💻 Affected Systems

Products:
  • sheredom json.h library
  • Applications using sheredom json.h
Versions: All versions before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022)
Operating Systems: All operating systems where the library is used
Default Config Vulnerable: ⚠️ Yes
Notes: Any application that parses untrusted JSON input using this library is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, privilege escalation, and attacker persistence.

🟠 Likely Case: Application crash (denial of service) or limited code execution within the application context.

🟢 If Mitigated: Application crash with no code execution if memory protections (ASLR, DEP) are effective.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Buffer overflow vulnerabilities in parsing libraries are commonly exploited. Public advisory includes technical details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Commit 0825301a07cbf51653882bf2b153cc81fdadf41 or later

Vendor Advisory: https://github.com/hyrathon/trophies/security/advisories/GHSA-55fm-gm4m-3v3j

Restart Required: Yes

Instructions:

1. Update json.h to commit 0825301a07cbf51653882bf2b153cc81fdadf41 or later.
2. Recompile any applications using the library.
3. Restart affected services.

🔧 Temporary Workarounds

Input Validation (all): Implement strict input validation and size limits on JSON data before parsing.

Memory Protection (all): Enable ASLR, DEP, and stack canaries if not already enabled.

🧯 If You Can't Patch

  • Network segmentation to isolate vulnerable systems
  • Implement strict firewall rules to limit access to vulnerable services

🔍 How to Verify

Check if Vulnerable:

Check the json.h version in your source code or compiled application against the vulnerable commit range.

Check Version:

git log --oneline -- json.h (if using git), or check the source file headers

Verify Fix Applied:

Verify json.h includes commit 0825301a07cbf51653882bf2b153cc81fdadf41 or later.
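
One way to script the two checks above for a json.h git checkout (an added example, not part of the advisory or the json.h project; the helper name check_json_h_fix and its status words are hypothetical). It assumes json.h is tracked as a clone or submodule; a copy pasted into another source tree has no history to test and is reported as unknown.

```sh
#!/bin/sh
# Added example: does a json.h git checkout contain the fix commit?
# FIX_COMMIT is copied from this page; pass a different id as argument 2.
FIX_COMMIT="0825301a07cbf51653882bf2b153cc81fdadf41"

# check_json_h_fix REPO_DIR [COMMIT]   (hypothetical helper name)
# Prints one word and returns:
#   0 patched     COMMIT is HEAD or an ancestor of HEAD
#   1 vulnerable  COMMIT exists in the repo but HEAD predates it
#   2 unknown     not a git checkout, or COMMIT cannot be resolved
#                 (shallow clone, vendored copy, mistyped id)
check_json_h_fix() {
    _repo=$1
    _commit=${2:-$FIX_COMMIT}
    _rc=0

    # No git metadata means there is no history to test.
    if ! git -C "$_repo" rev-parse --git-dir >/dev/null 2>&1; then
        echo unknown; return 2
    fi
    # ^{commit} fails unless the id resolves to a commit object here.
    if ! git -C "$_repo" rev-parse --verify --quiet \
            "${_commit}^{commit}" >/dev/null 2>&1; then
        echo unknown; return 2
    fi
    # Exit 0 = ancestor, 1 = not an ancestor, anything else = git error.
    git -C "$_repo" merge-base --is-ancestor "$_commit" HEAD \
        2>/dev/null || _rc=$?
    case $_rc in
        0) echo patched;    return 0 ;;
        1) echo vulnerable; return 1 ;;
        *) echo unknown;    return 2 ;;
    esac
}

# Command-line use: sh check.sh /path/to/json.h-checkout [commit]
if [ "$#" -gt 0 ]; then
    check_json_h_fix "$@"
fi
```

Treat an unknown result as unverified rather than safe, and fall back to comparing the file against an upstream copy at or after the fix commit.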

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults
  • Unexpected process termination

Network Indicators:

  • Unusual network traffic to/from JSON parsing services

SIEM Query:

source="application.log" (segfault OR "buffer overflow" OR "json_parse_value")
