Uncontrolled Recursion
CVE-2024-57699
Summary
A security issue was found in Netplex Json-smart. When loading a specially crafted JSON input, containing a large number of "{", a stack exhaustion can be triggered, which could allow an attacker to cause a Denial of Service (DoS). This issue affects "net.minidev:json-smart" versions 2.5.0 through 2.5.1. This issue exists because of an incomplete fix for CVE-2023-1370.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-674 - Uncontrolled Recursion
The product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.
References
Advisory Timeline
- Published
