RUSTSEC-2024-0012: Vulnerability in serde-json-wasm

Rust Crates.io Security Advisory



RUSTSEC-2024-0012

Stack overflow during recursive JSON parsing


Reported
Issued

Package

serde-json-wasm
(crates.io)

Type

Vulnerability

Categories
Keywords

#stack-overflow

#json

Patched
  • >=1.0.1
  • >=0.5.2, <1.0.0

Description

When parsing untrusted, deeply nested JSON, the stack may overflow,
possibly enabling a Denial of Service attack.
This was fixed by adding a check for recursion depth.
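A caller-side guard in the same spirit as the fix, shown here as an added example that is not code from serde-json-wasm: it measures array/object nesting iteratively, so the input can be rejected before it reaches a recursive parser. The names `check_nesting` and `TooDeep` and the limit of 128 are assumptions made for illustration.

```rust
/// Added example; `TooDeep`, `check_nesting` and the limit are assumed names/values, not crate API.
#[derive(Debug, PartialEq)]
pub struct TooDeep {
    pub limit: usize,
    pub offset: usize, // byte offset of the bracket that exceeded the limit
}

/// Scans JSON text iteratively (no recursion, constant stack) and returns the
/// maximum array/object nesting depth, or `TooDeep` once `limit` is exceeded.
/// Brackets inside string literals are ignored, including after `\"` escapes.
pub fn check_nesting(input: &[u8], limit: usize) -> Result<usize, TooDeep> {
    let (mut depth, mut max_depth) = (0usize, 0usize);
    let (mut in_string, mut escaped) = (false, false);
    for (offset, &b) in input.iter().enumerate() {
        if in_string {
            match (escaped, b) {
                (true, _) => escaped = false,
                (false, b'\\') => escaped = true,
                (false, b'"') => in_string = false,
                _ => {}
            }
            continue;
        }
        match b {
            b'"' => in_string = true,
            b'[' | b'{' => {
                depth += 1;
                if depth > limit {
                    return Err(TooDeep { limit, offset });
                }
                max_depth = max_depth.max(depth);
            }
            // Stray closers in malformed input are left for the real parser to reject.
            b']' | b'}' => depth = depth.saturating_sub(1),
            _ => {}
        }
    }
    Ok(max_depth)
}

fn main() {
    // Constructed samples: a shallow document and a hostile one with 100,000 open brackets.
    let shallow = br#"{"a": [1, {"b": "]]]]"}]}"#;
    let hostile = vec![b'['; 100_000];
    println!("{:?}", check_nesting(shallow, 128)); // Ok(3)
    println!("{:?}", check_nesting(&hostile, 128)); // Err(TooDeep { limit: 128, offset: 128 })
}
```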

Advisory available under CC0-1.0 license.
