CVE-2023-34620
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Jun 14, 2023
Updated: Jan 3, 2025
CWE ID 787
Summary
CVE-2023-34620 is a vulnerability affecting hjson versions up to 3.0.0. Attackers can exploit this issue by providing a crafted object with cyclic dependencies, leading to a denial of service or potentially other unspecified impacts. This flaw can cause hjson to enter an infinite loop, consuming significant system resources and potentially crashing the application. Users are advised to update to the latest stable version of hjson to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share