CVE-2022-23460
MEDIUMjson++ - Denial of Service via Stack Exhaustion in JSON Parsing
Title source: llmDescription
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the current commit of the jsonxx project and the project itself has been archived. Updates are not expected. Users are advised to find a replacement.
References (1)
Core 1
Core References
Broken Link x_refsource_misc
https://securitylab.github.com/advisories/GHSL-2022-049_Jsonxx
Scores
CVSS v3
5.9
EPSS
0.0060
EPSS Percentile
44.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-121
CWE-674
Status
published
Products (2)
hjiang/json\+\+
1.0.0
hjiang/json\+\+
1.0.1
Published
Aug 19, 2022
Tracked Since
Feb 18, 2026