CVE-2023-34609

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 14, 2023
Updated: Jan 6, 2025
CWE ID 787

Summary

CVE-2023-34609 is a vulnerability affecting flexjson versions up to 3.3. An attacker can craft a malicious object with cyclic dependencies, leading to a denial of service or potential unspecified impacts on the targeted system. This issue may cause instability or even crash the application, allowing an attacker to disrupt normal operations. The vulnerability arises from the way flexjson handles object serialization and deserialization, making it essential for users to update to the latest version or implement alternative solutions to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share