CVE-2018-17072by Jeremyin Security Bulletinson Posted on September 16, 2018 JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.