cvedb.io
CVE-2023-1370
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2023-03-22T06:15:09.493 · Last modified 2026-06-17T05:27:47.853

Summary

[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.

Affected products

json-smart_project — json-smart

Does this affect you?

Add your gear to cvedb and we'll alert you only when json-smart_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.