Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:39936
HistoryMar 24, 2023 - 5:47 a.m.

Denial Of Service (DoS)

2023-03-2405:47:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
net.minidev
json-smart
vulnerability
dos attack
nested depth check
json arrays
json objects
attacker
application crash

EPSS

0.001

Percentile

43.2%

net.minidev, json-smart is vulnerable to Denial Of Service (DoS). The vulnerability exists because there is no nested depth checks for deeply nested JSON arrays or objects, which allows an attacker to crash the application via a malicious array with deeply nested elements.