VYPR
High severity7.5NVD Advisory· Published Mar 22, 2023· Updated Jun 17, 2026

CVE-2023-1370

CVE-2023-1370

Description

Json-smart is a performance focused, JSON processor lib.

When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively.

It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
net.minidev:json-smartMaven
< 2.4.92.4.9

Affected products

35

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.