Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON
Description
Json-smart is a performance-focused JSON processor library.
When it reaches a '[' or '{' character in the JSON input, the code parses an array or an object, respectively.
It was discovered that the code does not impose any limit on the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can exhaust the stack (stack overflow) and crash the software.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Json-smart v2.4.8 and earlier lacks recursion depth limits, allowing remote attackers to cause denial of service via deeply nested JSON.
Root cause
Json-smart recursively parses nested arrays and objects without any limit on nesting depth. When encountering a '[' or '{' character, the parser calls itself recursively, leading to stack exhaustion for deeply nested inputs [2].
Exploitation
An attacker can craft a JSON payload with tens of thousands of nested openings (e.g., {"a":{"a":...}}) and send it to an application using the library. No authentication or special privileges are required; the vulnerable parser is invoked on the input, causing a StackOverflowError [4].
Impact
Successful exploitation results in a denial of service (DoS) condition, crashing the software and making it unavailable to legitimate users. The vulnerability can be triggered remotely if the parser processes untrusted JSON [4].
Mitigation
The flaw is fixed in json-smart version 2.4.9 (maintainers recommend 2.4.10 due to a remaining bug). Users should upgrade as soon as possible; no workaround is available [4].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
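To make the root cause and the fix described above concrete, here is an added Python illustration (not json-smart code) of the depth counter the 2.4.9 patch introduces: an iterative scanner that counts '[' and '{' outside string literals against MAX_DEPTH = 400, beside a variant that forgets to unstack on '}' and so reproduces the 2.4.9 regression (#133) in which a flat array of 400 objects was rejected as too deep. The names scan_depth, scan_depth_leaky, DepthExceeded, verdict and the two payload builders are constructed for this example; the nested and flat inputs mirror the shapes used in the project's TestOverflow tests.

```python
"""Nesting-depth guard modelled on the json-smart 2.4.9 fix (constructed example)."""

MAX_DEPTH = 400  # the hard-coded cap json-smart 2.4.9 adds as JSONParserBase.MAX_DEPTH


class DepthExceeded(ValueError):
    """Raised where json-smart 2.4.9 raises ParseException(ERROR_UNEXPECTED_JSON_DEPTH)."""

    def __init__(self, pos, ch):
        super().__init__(f"nesting deeper than {MAX_DEPTH} at position {pos} ({ch!r})")
        self.pos = pos


def _structural_chars(text):
    """Yield (pos, ch) for every '[', ']', '{', '}' that is outside a string literal.

    Backslash escapes are honoured, so '"{"' or '"\\""' cannot fake a nesting level.
    """
    in_string = escaped = False
    for pos, ch in enumerate(text):
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch in "[]{}":
            yield pos, ch


def scan_depth(text, max_depth=MAX_DEPTH):
    """Corrected counter: every open adds a level, every close removes one.

    Runs iteratively, so the guard itself cannot overflow the stack the way a
    recursive readArray()/readObject() does; returns the deepest level seen.
    """
    depth = deepest = 0
    for pos, ch in _structural_chars(text):
        if ch in "[{":
            depth += 1
            if depth > max_depth:  # same test as `++this.depth > MAX_DEPTH`
                raise DepthExceeded(pos, ch)
            deepest = max(deepest, depth)
        else:
            depth -= 1  # the `this.depth--` on the close path
    return deepest


def scan_depth_leaky(text, max_depth=MAX_DEPTH):
    """Counter with the 2.4.9 bug (#133): '}' never unstacks, so depth drifts up.

    Simplification: 2.4.9 decremented on one of readObject()'s two '}' exits and
    missed the other; here objects never decrement at all.
    """
    depth = deepest = 0
    for pos, ch in _structural_chars(text):
        if ch in "[{":
            depth += 1
            if depth > max_depth:
                raise DepthExceeded(pos, ch)
            deepest = max(deepest, depth)
        elif ch == "]":
            depth -= 1
    return deepest


def nested_payload(levels):
    """Constructed input: {"a":{"a":...true...}} nested `levels` deep (stressTest shape)."""
    return '{"a":' * levels + "true" + "}" * levels


def flat_payload(count):
    """Constructed input: [{"a":true},...] with `count` sibling objects (#133 test shape)."""
    return "[" + ",".join(['{"a":true}'] * count) + "]"


def verdict(scanner, text):
    """'ok' if the scanner accepts the document, 'reject' if it trips the depth cap."""
    try:
        scanner(text)
        return "ok"
    except DepthExceeded:
        return "reject"
```

Placed in front of a parser that has no depth limit, scan_depth gives a bounded pre-check on untrusted input; verdict(scan_depth, text) returns 'ok' or 'reject'.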
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| net.minidev:json-smart (Maven) | < 2.4.9 | 2.4.9 |
Patches
Commit e2791ae506a5: fix unstacking issue with more than 400 elements in an array (#133)
2 files changed · +19 −0
json-smart/src/main/java/net/minidev/json/parser/JSONParserBase.java+1 −0 modified@@ -620,6 +620,7 @@ protected <T> T readObject(JsonReaderI<T> mapper) throws ParseException, IOExcep // should loop skipping read step skipSpace(); if (c == '}') { + this.depth--; read(); /* unstack */ // return mapper.convert(current);
json-smart/src/test/java/net/minidev/json/test/TestOverflow.java+18 −0 modified@@ -1,5 +1,6 @@ package net.minidev.json.test; +import net.minidev.json.JSONArray; import net.minidev.json.JSONValue; import net.minidev.json.parser.ParseException; @@ -29,4 +30,21 @@ public void stressTest() throws Exception { } assertTrue(false); } + + @Test + public void shouldNotFailParsingArraysWith400Elements() throws Exception { + int size = 400; + StringBuilder sb = new StringBuilder(); + sb.append("["); + for (int i=0; i < size; i++) { + sb.append("{a:true}"); + if(i+1 < size) { + sb.append(","); + } + } + sb.append("]"); + String s = sb.toString(); + JSONArray array = (JSONArray) JSONValue.parseWithException(s); + assertEquals(array.size(), size); + } }
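Review bot: the `this.depth--` added to the second `}` exit of readObject() (the "should loop skipping read step" path at line 620) is the right fix, but it also shows the counter's remaining weakness: `depth` is a parser field that is only unwound on the normal close paths, so a ParseException thrown inside a nested structure leaves it elevated on a reused parser instance; resetting `this.depth = 0;` where parse() already sets `this.pos = -1;` would close that gap. In the test, `shouldNotFailParsingArraysWith400Elements` uses `size = 400`, which equals MAX_DEPTH and only trips the old bug because the enclosing array consumes one level; a size of MAX_DEPTH + 1 would make the "more than 400 elements" intent of the commit title explicit, and `assertEquals(array.size(), size)` has the JUnit expected/actual order reversed (`assertEquals(size, array.size())`), which only affects the failure message.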
36 files changed · +129 −72
accessors-smart/pom.xml+1 −1 modified@@ -1,5 +1,5 @@ <!-- -Copyright 2011 JSON-SMART authors +Copyright 2011-2023 JSON-SMART authors Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
accessors-smart/src/main/java/net/minidev/asm/Accessor.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.asm; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
accessors-smart/src/main/java/net/minidev/asm/ASMUtil.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.asm; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
accessors-smart/src/main/java/net/minidev/asm/BeansAccess.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.asm; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
accessors-smart/src/main/java/net/minidev/asm/DynamicClassLoader.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.asm; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/pom.xml+1 −1 modified@@ -1,5 +1,5 @@ <!-- -Copyright 2011 JSON-SMART authors +Copyright 2011-2023 JSON-SMART authors Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONArray.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONAwareEx.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONAware.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONNavi.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONObject.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONStreamAwareEx.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONStreamAware.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONStyle.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONUtil.java+1 −1 modified@@ -7,7 +7,7 @@ import net.minidev.json.annotate.JsonIgnore; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JSONValue.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/JStylerObj.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/parser/JSONParserBase.java+55 −37 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,6 +20,7 @@ import static net.minidev.json.parser.ParseException.ERROR_UNEXPECTED_LEADING_0; import static net.minidev.json.parser.ParseException.ERROR_UNEXPECTED_TOKEN; import static net.minidev.json.parser.ParseException.ERROR_UNEXPECTED_UNICODE; +import static net.minidev.json.parser.ParseException.ERROR_UNEXPECTED_JSON_DEPTH; import java.io.IOException; import java.math.BigDecimal; @@ -39,6 +40,12 @@ */ abstract class JSONParserBase { protected char c; + /** + * hard coded maximal depth for JSON parsing + */ + public final static int MAX_DEPTH = 400; + protected int depth = 0; + JsonReader base; public final static byte EOI = 0x1A; protected static final char MAX_STOP = 126; // '}' -> 125 @@ -94,7 +101,9 @@ public JSONParserBase(int permissiveMode) { this.acceptLeadinZero = (permissiveMode & JSONParser.ACCEPT_LEADING_ZERO) > 0; this.acceptUselessComma = (permissiveMode & JSONParser.ACCEPT_USELESS_COMMA) > 0; this.useHiPrecisionFloat = (permissiveMode & JSONParser.USE_HI_PRECISION_FLOAT) > 0; - this.checkTaillingData = (permissiveMode & (JSONParser.ACCEPT_TAILLING_DATA | JSONParser.ACCEPT_TAILLING_SPACE)) != (JSONParser.ACCEPT_TAILLING_DATA | JSONParser.ACCEPT_TAILLING_SPACE); + this.checkTaillingData = (permissiveMode & (JSONParser.ACCEPT_TAILLING_DATA + | JSONParser.ACCEPT_TAILLING_SPACE)) != (JSONParser.ACCEPT_TAILLING_DATA + | JSONParser.ACCEPT_TAILLING_SPACE); this.checkTaillingSpace = (permissiveMode & JSONParser.ACCEPT_TAILLING_SPACE) == 0; this.reject127 = (permissiveMode & JSONParser.REJECT_127_CHAR) > 0; this.unrestictBigDigit = (permissiveMode & JSONParser.BIG_DIGIT_UNRESTRICTED) > 0; 
@@ -148,12 +157,13 @@ protected Number extractFloat() throws ParseException { // follow JSonIJ parsing method if (xs.length() > 18) { - // use extra CPU to check if the result can be return as double without precision lost + // use extra CPU to check if the result can be return as double without + // precision lost if (!unrestictBigDigit) { double asDouble = Double.parseDouble(xs); final String doubleStr = String.valueOf(asDouble); - // we need a compare compat `e` `E` `e+` `E+` - if (compareDoublePrecision(doubleStr, xs)){ + // we need a compare `e` `E` `e+` `E+` + if (compareDoublePrecision(doubleStr, xs)) { return asDouble; } } @@ -162,7 +172,7 @@ protected Number extractFloat() throws ParseException { return Double.parseDouble(xs); - } catch(NumberFormatException e){ + } catch (NumberFormatException e) { throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); } } @@ -195,8 +205,8 @@ private boolean compareDoublePrecision(String convert, String origin) { } /** - * use to return Primitive Type, or String, Or JsonObject or JsonArray - * generated by a ContainerFactory + * use to return Primitive Type, or String, Or JsonObject or JsonArray generated + * by a ContainerFactory */ protected <T> T parse(JsonReaderI<T> mapper) throws ParseException { this.pos = -1; @@ -219,11 +229,11 @@ protected <T> T parse(JsonReaderI<T> mapper) throws ParseException { } protected Number parseNumber(String s) throws ParseException { - // pos + // position int p = 0; - // len + // length int l = s.length(); - // max pos long base 10 len + // max position long base 10 length int max = 19; boolean neg; 
@@ -284,14 +294,17 @@ protected Number parseNumber(String s) throws ParseException { abstract protected void read() throws IOException; protected <T> T readArray(JsonReaderI<T> mapper) throws ParseException, IOException { - Object current = mapper.createArray(); if (c != '[') throw new RuntimeException("Internal Error"); + if (++this.depth > MAX_DEPTH) { + throw new ParseException(pos, ERROR_UNEXPECTED_JSON_DEPTH, c); + } + Object current = mapper.createArray(); read(); boolean needData = false; // special case needData is false and can close is true if (c == ',' && !acceptUselessComma) - throw new ParseException(pos, ERROR_UNEXPECTED_CHAR, (char) c); + throw new ParseException(pos, ERROR_UNEXPECTED_CHAR, (char) c); for (;;) { switch (c) { case ' ': @@ -303,6 +316,7 @@ protected <T> T readArray(JsonReaderI<T> mapper) throws ParseException, IOExcept case ']': if (needData && !acceptUselessComma) throw new ParseException(pos, ERROR_UNEXPECTED_CHAR, (char) c); + this.depth--; read(); /* unstack */ // return mapper.convert(current); @@ -326,8 +340,8 @@ protected <T> T readArray(JsonReaderI<T> mapper) throws ParseException, IOExcept } /** - * use to return Primitive Type, or String, Or JsonObject or JsonArray - * generated by a ContainerFactory + * use to return Primitive Type, or String, Or JsonObject or JsonArray generated + * by a ContainerFactory */ protected <T> T readFirst(JsonReaderI<T> mapper) throws ParseException, IOException { for (;;) { 
@@ -339,24 +353,24 @@ protected <T> T readFirst(JsonReaderI<T> mapper) throws ParseException, IOExcept case '\t': read(); continue; - // invalid stats + // invalid state case ':': case '}': case ']': throw new ParseException(pos, ERROR_UNEXPECTED_CHAR, c); - // start object + // start object case '{': return readObject(mapper); - // start Array + // start Array case '[': return readArray(mapper); - // start string + // start string case '"': case '\'': readString(); // return mapper.convert(xs); - // string or null + // string or null case 'n': readNQString(stopX); if ("null".equals(xs)) { @@ -367,7 +381,7 @@ protected <T> T readFirst(JsonReaderI<T> mapper) throws ParseException, IOExcept throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); // return mapper.convert(xs); - // string or false + // string or false case 'f': readNQString(stopX); if ("false".equals(xs)) { @@ -378,7 +392,7 @@ protected <T> T readFirst(JsonReaderI<T> mapper) throws ParseException, IOExcept throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); // return mapper.convert(xs); - // string or true + // string or true case 't': readNQString(stopX); if ("true".equals(xs)) { @@ -389,7 +403,7 @@ protected <T> T readFirst(JsonReaderI<T> mapper) throws ParseException, IOExcept throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); // return mapper.convert(xs); - // string or NaN + // string or NaN case 'N': readNQString(stopX); if (!acceptNaN) @@ -402,7 +416,7 @@ protected <T> T readFirst(JsonReaderI<T> mapper) throws ParseException, IOExcept throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); // return mapper.convert(xs); - // digits + // digits case '0': case '1': case '2': 
@@ -428,8 +442,8 @@ protected <T> T readFirst(JsonReaderI<T> mapper) throws ParseException, IOExcept } /** - * use to return Primitive Type, or String, Or JsonObject or JsonArray - * generated by a ContainerFactory + * use to return Primitive Type, or String, Or JsonObject or JsonArray generated + * by a ContainerFactory */ protected Object readMain(JsonReaderI<?> mapper, boolean stop[]) throws ParseException, IOException { for (;;) { @@ -441,24 +455,24 @@ protected Object readMain(JsonReaderI<?> mapper, boolean stop[]) throws ParseExc case '\t': read(); continue; - // invalid stats + // invalid state case ':': case '}': case ']': throw new ParseException(pos, ERROR_UNEXPECTED_CHAR, c); - // start object + // start object case '{': return readObject(mapper.startObject(lastKey)); - // start Array + // start Array case '[': return readArray(mapper.startArray(lastKey)); - // start string + // start string case '"': case '\'': readString(); // return xs; - // string or null + // string or null case 'n': readNQString(stop); if ("null".equals(xs)) { @@ -469,7 +483,7 @@ protected Object readMain(JsonReaderI<?> mapper, boolean stop[]) throws ParseExc throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); // return xs; - // string or false + // string or false case 'f': readNQString(stop); if ("false".equals(xs)) { @@ -480,7 +494,7 @@ protected Object readMain(JsonReaderI<?> mapper, boolean stop[]) throws ParseExc throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); // return xs; - // string or true + // string or true case 't': readNQString(stop); if ("true".equals(xs)) { @@ -491,7 +505,7 @@ protected Object readMain(JsonReaderI<?> mapper, boolean stop[]) throws ParseExc throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); // return xs; - // string or NaN + // string or NaN case 'N': readNQString(stop); if (!acceptNaN) 
@@ -504,7 +518,7 @@ protected Object readMain(JsonReaderI<?> mapper, boolean stop[]) throws ParseExc throw new ParseException(pos, ERROR_UNEXPECTED_TOKEN, xs); // return xs; - // digits + // digits case '0': case '1': case '2': @@ -539,6 +553,9 @@ protected <T> T readObject(JsonReaderI<T> mapper) throws ParseException, IOExcep // if (c != '{') throw new RuntimeException("Internal Error"); + if (++this.depth > MAX_DEPTH) { + throw new ParseException(pos, ERROR_UNEXPECTED_JSON_DEPTH, c); + } Object current = mapper.createObject(); boolean needData = false; boolean acceptData = true; @@ -558,6 +575,7 @@ protected <T> T readObject(JsonReaderI<T> mapper) throws ParseException, IOExcep case '}': if (needData && !acceptUselessComma) throw new ParseException(pos, ERROR_UNEXPECTED_CHAR, (char) c); + this.depth--; read(); /* unstack */ // return mapper.convert(current); @@ -708,15 +726,15 @@ protected void readString2() throws ParseException, IOException { case (char) 23: // End transmission block, not the same as EOT case (char) 24: // Cancel line, MPE echoes !!! case (char) 25: // End of medium, Control-Y interrupt - // case (char) 26: // Substitute == EOI + // case (char) 26: // Substitute == EOI case (char) 27: // escape case (char) 28: // File Separator case (char) 29: // Group Separator case (char) 30: // Record Separator case (char) 31: // Unit Separator if (ignoreControlChar) continue; - throw new ParseException(pos, ERROR_UNEXPECTED_CHAR, c); + throw new ParseException(pos, ERROR_UNEXPECTED_CHAR, c); case (char) 127: // del if (ignoreControlChar) continue;
json-smart/src/main/java/net/minidev/json/parser/JSONParserByteArray.java+2 −2 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ import net.minidev.json.JSONValue; import net.minidev.json.writer.JsonReaderI; -import java.nio.charset.Charset; + import java.nio.charset.StandardCharsets; /**
json-smart/src/main/java/net/minidev/json/parser/JSONParserInputStream.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/parser/JSONParser.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/parser/JSONParserMemory.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/parser/JSONParserReader.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/parser/JSONParserStream.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/parser/JSONParserString.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/parser/ParseException.java+8 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.parser; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -30,6 +30,7 @@ public class ParseException extends Exception { public static final int ERROR_UNEXPECTED_UNICODE = 4; public static final int ERROR_UNEXPECTED_DUPLICATE_KEY = 5; public static final int ERROR_UNEXPECTED_LEADING_0 = 6; + public static final int ERROR_UNEXPECTED_JSON_DEPTH = 7; private int errorType; private Object unexpectedObject; @@ -114,6 +115,12 @@ private static String toMessage(int position, int errorType, Object unexpectedOb sb.append(" at position "); sb.append(position); sb.append("."); + } else if (errorType == ERROR_UNEXPECTED_JSON_DEPTH) { + sb.append("Malicious payload, having non natural depths, parsing stoped on "); + sb.append(unexpectedObject); + sb.append(" at position "); + sb.append(position); + sb.append("."); } else { sb.append("Unkown error at position "); sb.append(position);
json-smart/src/main/java/net/minidev/json/writer/ArraysMapper.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.writer; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/writer/BeansMapper.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.writer; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/writer/CollectionMapper.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.writer; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/writer/CompessorMapper.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.writer; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/writer/DefaultMapperCollection.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.writer; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/writer/DefaultMapperOrdered.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.writer; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/writer/FakeMapper.java+1 −1 modified@@ -2,7 +2,7 @@ /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/writer/JsonReaderI.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.writer; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/main/java/net/minidev/json/writer/JsonReader.java+1 −1 modified@@ -1,7 +1,7 @@ package net.minidev.json.writer; /* - * Copyright 2011 JSON-SMART authors + * Copyright 2011-2023 JSON-SMART authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
json-smart/src/test/java/net/minidev/json/test/TestOverflow.java+32 −0 added@@ -0,0 +1,32 @@ +package net.minidev.json.test; + +import net.minidev.json.JSONValue; +import net.minidev.json.parser.ParseException; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertTrue; + +import org.junit.jupiter.api.Test; + +public class TestOverflow { + @Test + public void stressTest() throws Exception { + int size = 10000; + StringBuilder sb = new StringBuilder(10 + size*4); + for (int i=0; i < size; i++) { + sb.append("{a:"); + } + sb.append("true"); + for (int i=0; i < size; i++) { + sb.append("}"); + } + String s = sb.toString(); + try { + JSONValue.parseWithException(s); + } catch (ParseException e) { + assertEquals(e.getErrorType(), ParseException.ERROR_UNEXPECTED_JSON_DEPTH); + return; + } + assertTrue(false); + } +}
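Review bot: in JSONParserBase.java, readObject() has two `}` exits but only the one at `@@ -558,6 +575,7 @@` gets `this.depth--`; the other (the "should loop skipping read step" path that closes an object after its last value, the common `{a:true}` case) still leaves depth incremented, so every sibling object leaks a level and a flat array of about MAX_DEPTH objects is rejected as too deep. The follow-up commit e2791ae above adds the missing decrement; `depth` is also never reset on exception paths, so `this.depth = 0;` next to `this.pos = -1;` in parse() would keep a reused parser from inheriting a stale count.

Review bot: `MAX_DEPTH = 400` is `public final static` with the Javadoc "hard coded maximal depth for JSON parsing", so callers that legitimately need deeper documents, or that want a tighter cap for untrusted input, cannot tune it without subclassing; exposing it as a constructor or permissive-mode option next to the other flags in `JSONParserBase(int permissiveMode)` would avoid a forced fork.

Review bot: in ParseException.java, the new message "Malicious payload, having non natural depths, parsing stoped on" has a typo ("stoped") and asserts an intent the parser cannot know; a neutral "JSON nesting depth exceeds MAX_DEPTH (400)" reads better in logs and still identifies the error type. In TestOverflow.java, `assertTrue(false)` should be `fail("expected ERROR_UNEXPECTED_JSON_DEPTH")`, and `assertEquals(e.getErrorType(), ParseException.ERROR_UNEXPECTED_JSON_DEPTH)` has the expected/actual arguments swapped.

Review bot: 30 of the 36 changed files are copyright-year bumps and comment re-wrapping (for example the `// start object` indentation changes repeated through readFirst() and readMain()); landing those separately from the depth check would let the security-relevant part of the diff be audited at a glance.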
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-493p-pfq6-5258 (GHSA, advisory)
- nvd.nist.gov/vuln/detail/CVE-2023-1370 (GHSA, advisory)
- github.com/netplex/json-smart-v2/commit/5b3205d051952d3100aa0db1535f6ba6226bd87a (GHSA, web)
- github.com/netplex/json-smart-v2/commit/e2791ae506a57491bc856b439d706c81e45adcf8 (GHSA, web)
- github.com/netplex/json-smart-v2/issues/137 (GHSA, web)
- github.com/oswaldobapvicjr/jsonmerge/security/advisories/GHSA-493p-pfq6-5258 (GHSA, web)
- research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633 (GHSA, web)
- security.netapp.com/advisory/ntap-20240621-0006 (GHSA, web)
- security.snyk.io/vuln/SNYK-JAVA-NETMINIDEV-3369748 (GHSA, web)
- www.cve.org/CVERecord (GHSA, web)
- research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/ (MITRE)
- security.netapp.com/advisory/ntap-20240621-0006/ (MITRE)