{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-1370", "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "state": "PUBLISHED", "assignerShortName": "JFROG", "dateReserved": "2023-03-13T08:35:00.695Z", "datePublished": "2023-03-13T09:04:36.365Z", "dateUpdated": "2025-02-13T16:39:21.362Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://mvnrepository.com", "vendor": "json-smart", "product": "json-smart", "packageName": "net.minidev:json-smart", "versions": [{"lessThan": "2.4.9", "status": "affected", "version": "0", "versionType": "maven"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.</p><p>When reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.</p><p>It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.</p>"}], "value": "[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\n\nWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\n\nIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG", "dateUpdated": "2024-06-21T19:07:09.457Z"}, "references": [{"url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"}, {"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"}], "source": {"discovery": "EXTERNAL"}, "title": "Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:49:10.250Z"}, "title": "CVE Program Container", "references": [{"url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:json-smart_project:json-smart:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCB9A6B6-D76A-44FE-9326-07E17A486932", "versionEndExcluding": "2.4.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\n\nWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\n\nIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software."}], "id": "CVE-2023-1370", "lastModified": "2025-02-13T17:15:58.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "reefs@jfrog.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-22T06:15:09.493", "references": [{"source": "reefs@jfrog.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"}, {"source": "reefs@jfrog.com", "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"}], "sourceIdentifier": "reefs@jfrog.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-674"}], "source": "reefs@jfrog.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-674"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:7697", "cpe": "cpe:/a:redhat:amq_clients:2023_q4", "package": "json-smart", "product_name": "AMQ Clients", "release_date": "2023-12-07T00:00:00Z"}, {"advisory": "RHSA-2023:3179", "cpe": "cpe:/a:redhat:camel_quarkus:2.13", "package": "json-smart", "product_name": "CEQ 2.13.2-2", "release_date": "2023-05-17T00:00:00Z"}, {"advisory": "RHSA-2023:3193", "cpe": "cpe:/a:redhat:camel_quarkus:2.7", "package": "json-smart", "product_name": "CEQ 2.7.1-1", "release_date": "2023-05-17T00:00:00Z"}, {"advisory": "RHSA-2023:3610", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-2-plugins-0:4.12.1686649756-1.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:3622", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-0:2.401.1.1686680404-3.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:3663", "cpe": "cpe:/a:redhat:ocp_tools:4.11::el8", "package": "jenkins-2-plugins-0:4.11.1686831822-1.el8", "product_name": "OpenShift Developer Tools and Services for OCP 4.11", "release_date": "2023-06-19T00:00:00Z"}, {"advisory": "RHSA-2023:3223", "cpe": "cpe:/a:redhat:amq_streams:2", "product_name": "Red Hat AMQ Streams 2.4.0", "release_date": "2023-05-18T00:00:00Z"}, {"advisory": "RHSA-2024:3527", "cpe": "cpe:/a:redhat:amq_streams:2", "product_name": "Red Hat AMQ Streams 2.7.0", "release_date": "2024-05-30T00:00:00Z"}, {"advisory": "RHSA-2023:3954", "cpe": "cpe:/a:redhat:jboss_fuse:7", "package": "json-smart", "product_name": "Red Hat Fuse 7.12", "release_date": "2023-06-29T00:00:00Z"}, {"advisory": "RHSA-2023:3362", "cpe": "cpe:/a:redhat:openshift:4.10::el8", "package": "jenkins-2-plugins-0:4.10.1684982411-1.el8", "product_name": "Red Hat OpenShift Container Platform 4.10", "release_date": "2023-06-07T00:00:00Z"}, {"advisory": "RHSA-2023:3906", "cpe": "cpe:/a:redhat:camel_k:1", "package": "json-smart", "product_name": "RHINT Camel-K-1.10.1", "release_date": "2023-06-28T00:00:00Z"}, {"advisory": "RHSA-2023:2099", "cpe": "cpe:/a:redhat:camel_spring_boot:3.18.3", "package": "json-smart", "product_name": "RHINT Camel-Springboot 3.18.3.P1", "release_date": "2023-05-03T00:00:00Z"}, {"advisory": "RHSA-2023:3641", "cpe": "cpe:/a:redhat:camel_spring_boot:3.18", "package": "json-smart", "product_name": "RHINT Camel-Springboot 3.18.3.P2", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:2100", "cpe": "cpe:/a:redhat:camel_spring_boot:3.20.1", "package": "json-smart", "product_name": "RHINT Camel-Springboot 3.20.1", "release_date": "2023-05-03T00:00:00Z"}], "bugzilla": {"description": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)", "id": "2188542", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-674", "details": ["[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\nWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\nIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.", "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software."], "name": "CVE-2023-1370", "package_state": [{"cpe": "cpe:/a:redhat:a_mq_clients:2", "fix_state": "Affected", "impact": "low", "package_name": "json-smart", "product_name": "A-MQ Clients 2"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/elasticsearch6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Affected", "impact": "low", "package_name": "json-smart", "product_name": "Red Hat AMQ Broker 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Affected", "package_name": "json-smart", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Out of support scope", "package_name": "json-smart", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Affected", "package_name": "json-smart", "product_name": "Red Hat Integration Change Data Capture"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "json-smart", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Not affected", "package_name": "json-smart", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "json-smart", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "json-smart", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "json-smart", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "json-smart", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Out of support scope", "package_name": "json-smart", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Affected", "package_name": "json-smart", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "jenkins-2-plugins", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3:", "fix_state": "Affected", "package_name": "devspaces/pluginregistry-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Affected", "package_name": "json-smart", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "json-smart", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Not affected", "package_name": "json-smart", "product_name": "Red Hat support for Spring Boot"}, {"cpe": "cpe:/a:redhat:amq_streams:1", "fix_state": "Affected", "package_name": "json-smart", "product_name": "streams for Apache Kafka"}], "public_date": "2023-03-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-1370\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-1370\nhttps://github.com/advisories/GHSA-493p-pfq6-5258\nhttps://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"], "threat_severity": "Important", "upstream_fix": "json-smart 2.4.9, json-smart 2.4.10"}