CVE-2023-35110

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 14, 2023
Updated: Jun 26, 2023
CWE ID 787

Summary

CVE-2023-35110 is a denial-of-service vulnerability affecting jjson, a JavaScript JSON parser, up to version 0.1.7. Attackers can leverage crafted objects with cyclic dependencies to cause the parser to crash or exhibit unspecified behavior, leading to a denial-of-service condition or potentially other unintended consequences. This issue poses a risk to applications utilizing jjson and should be addressed by upgrading to a patched version as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share