RethinkDB Buffer Overflow Vulnerability in cJSON String Parsing

Vulnerability

A classic buffer overflow vulnerability has been identified in RethinkDB versions prior to 2.4.4. This issue arises in the cJSON library's string parsing function, where improper handling of UTF-16 surrogate pairs in JSON strings can lead to memory corruption and potentially allow arbitrary code execution. The vulnerability exists because the allocated buffer may not be sufficient to accommodate the converted UTF-8 characters, creating an opportunity for exploitation.
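The defensive pattern for this class of bug, shown as an added example (not RethinkDB or cJSON code): a decoder for JSON `\uXXXX` escapes that checks the remaining output capacity before every UTF-8 write, so a surrogate pair that expands to 4 bytes can never write past the buffer. The names `hex4` and `json_unescape` are hypothetical, and only `\u` escapes are handled.

```c
#include <stddef.h>
#include <stdint.h>

/* Parse exactly four hex digits; -1 if malformed (a NUL also stops it). */
static long hex4(const char *s) {
    long v = 0;
    for (int i = 0; i < 4; i++) {
        char c = s[i];
        v <<= 4;
        if (c >= '0' && c <= '9') v |= c - '0';
        else if (c >= 'a' && c <= 'f') v |= c - 'a' + 10;
        else if (c >= 'A' && c <= 'F') v |= c - 'A' + 10;
        else return -1;
    }
    return v;
}

/* Decode a JSON string body (quotes stripped) into out[cap] as UTF-8.
 * Returns bytes written, excluding the NUL, or -1 on malformed input or
 * when the output would not fit. Only \uXXXX escapes are handled here. */
long json_unescape(const char *in, char *out, size_t cap) {
    static const unsigned char lead[5] = {0, 0, 0xC0, 0xE0, 0xF0};
    size_t o = 0;
    if (cap == 0) return -1;
    while (*in) {
        if (in[0] != '\\') {                 /* ordinary byte: copy as-is */
            if (cap - o <= 1) return -1;
            out[o++] = *in++;
            continue;
        }
        if (in[1] != 'u') return -1;         /* other escapes out of scope */
        long hi = hex4(in + 2), lo;
        if (hi < 0 || (hi >= 0xDC00 && hi <= 0xDFFF)) return -1; /* lone low */
        in += 6;
        uint32_t cp = (uint32_t)hi;
        if (hi >= 0xD800 && hi <= 0xDBFF) {  /* high surrogate needs a low */
            if (in[0] != '\\' || in[1] != 'u') return -1;
            lo = hex4(in + 2);
            if (lo < 0xDC00 || lo > 0xDFFF) return -1;
            in += 6;
            cp = 0x10000 + ((cp - 0xD800) << 10) + ((uint32_t)lo - 0xDC00);
        }
        size_t n = cp < 0x80 ? 1 : cp < 0x800 ? 2 : cp < 0x10000 ? 3 : 4;
        if (cap - o <= n) return -1;         /* n bytes plus NUL must fit */
        for (size_t i = n - 1; i > 0; i--, cp >>= 6)
            out[o + i] = (char)(0x80 | (cp & 0x3F));
        out[o] = (char)(lead[n] | cp);
        o += n;
    }
    out[o] = '\0';
    return (long)o;
}
```

With this decoder a 6-character escape yields at most 3 bytes and a 12-character surrogate pair yields 4, so an output buffer of `strlen(in) + 1` bytes is always enough; the per-write check still guards callers that size the buffer some other way.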

Impact

Exploitation of this vulnerability can corrupt heap memory, potentially leading to arbitrary code execution.

Remediation

Users can upgrade to RethinkDB version 2.4.4 or later, where this vulnerability has been addressed.

Added: Dec 9, 2025, 8:42 PM
Updated: Dec 9, 2025, 8:42 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 8.7
remediation: 0.0
relevance: 1.4
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.