A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input.
Credits
Diego Zaffaroni of Nozomi Networks found this bug during a security research activity.
