serde-json-wasm stack overflow during recursive JSON parsing
High severity
GitHub Reviewed
Published Feb 9, 2024 to the GitHub Advisory Database • Updated Feb 9, 2024
Reviewed Feb 9, 2024
Description
When parsing untrusted, deeply nested JSON, the stack may overflow, possibly enabling a Denial of Service attack. This was fixed by adding a check for recursion depth.
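The recursion-depth check described above, as an added example that is not serde-json-wasm's own code: a recursive-descent parser for a small JSON subset (nested arrays of unsigned integers) that spends one unit of a depth budget per nesting level. The names `Parser`, `ParseError`, `count_integers` and the `MAX_DEPTH` value of 128 are assumptions made for this sketch.

```rust
// Added illustration: names and MAX_DEPTH are assumptions, not serde-json-wasm's API.
const MAX_DEPTH: usize = 128;
#[derive(Debug, PartialEq)]
pub enum ParseError { DepthLimitExceeded, Syntax }
struct Parser<'a> { input: &'a [u8], pos: usize, remaining_depth: usize }

impl Parser<'_> {
    fn peek(&self) -> Option<u8> { self.input.get(self.pos).copied() }
    // Parses an integer or a (possibly nested) array; returns the integer count.
    fn value(&mut self) -> Result<usize, ParseError> {
        match self.peek() {
            Some(b'0'..=b'9') => {
                while matches!(self.peek(), Some(b'0'..=b'9')) { self.pos += 1; }
                Ok(1)
            }
            Some(b'[') => {
                // The guard: every nested array spends one unit of budget, so
                // hostile nesting is an error instead of unbounded recursion.
                if self.remaining_depth == 0 { return Err(ParseError::DepthLimitExceeded); }
                self.remaining_depth -= 1;
                self.pos += 1; // consume '['
                let mut count = 0;
                if self.peek() != Some(b']') {
                    loop {
                        count += self.value()?;
                        match self.peek() {
                            Some(b',') => self.pos += 1,
                            Some(b']') => break,
                            _ => return Err(ParseError::Syntax),
                        }
                    }
                }
                self.pos += 1; // consume ']'
                self.remaining_depth += 1; // budget is returned on the way out
                Ok(count)
            }
            _ => Err(ParseError::Syntax),
        }
    }
}

pub fn count_integers(input: &str) -> Result<usize, ParseError> {
    let mut p = Parser { input: input.as_bytes(), pos: 0, remaining_depth: MAX_DEPTH };
    let n = p.value()?;
    if p.pos == p.input.len() { Ok(n) } else { Err(ParseError::Syntax) }
}

fn main() {
    println!("{:?}", count_integers(&"[".repeat(100_000)));
}
```

Without the `remaining_depth` check, the 100,000-bracket input in `main` would recurse once per bracket; with it, parsing stops at the 129th level and returns an error the caller can handle.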