Publish GHSA-pq2g-wx69-c263

advisory-database[bot]
2025-03-12 14:30:01 +00:00
parent 4fd0bb8371
commit 2bbde3e9fb
@@ -1,13 +1,13 @@
{
"schema_version": "1.4.0",
"id": "GHSA-pq2g-wx69-c263",
"modified": "2025-02-12T15:39:26Z",
"modified": "2025-03-12T14:28:04Z",
"published": "2025-02-06T06:31:26Z",
"aliases": [
"CVE-2024-57699"
],
"summary": "Netplex Json-smart Uncontrolled Recursion vulnerability",
"details": "A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of {, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service (DoS). This issue exists because of an incomplete fix for CVE-2023-1370.",
"details": "A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of {, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service (DoS). This issue exists because of an incomplete fix for CVE-2023-1370.\n\nThe fixed version only addresses the default modes provided by [JSONParser](https://github.com/netplex/json-smart-v2/blob/master/json-smart/src/main/java/net/minidev/json/parser/JSONParser.java#L118), such as `MODE_RFC4627`. If you create the JSONParser manually or with custom options, make sure to set the `LIMIT_JSON_DEPTH` option.",
"severity": [
{
"type": "CVSS_V3",
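Review bot: The paragraph added to `details` links to JSONParser.java on the `master` branch with a `#L118` line anchor, which will drift as that file changes; pin the link to a commit permalink so it keeps pointing at the mode definitions it is meant to show. The same paragraph refers to "the fixed version" without naming it anywhere in the `details` text, so a reader of this field alone cannot tell which release is meant; state the version inline. The carried-over first sentence still reads "a stack exhaustion can be trigger" and could be corrected to "can be triggered" while the field is being edited.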