Headline

GHSA-8327-84cj-8xjm: Stack overflow when parsing specially crafted JSON ABI strings

Affected versions of the alloy-json-abi crate did not properly handle parsing of malformatted JSON ABI strings. The JsonAbi::parse method can be tricked into a stack overflow when processing specially crafted input.

This stack overflow can lead to a crash of the application using this crate, potentially causing a denial of service.

The flaw was corrected in commit 4790c47.

2 months ago

ghsa

Open in Source

#dos #js #git #perl

GitHub Advisory Database
GitHub Reviewed
GHSA-8327-84cj-8xjm

Stack overflow when parsing specially crafted JSON ABI strings

Moderate severity GitHub Reviewed Published Aug 15, 2024 to the GitHub Advisory Database • Updated Aug 15, 2024

Package

cargo alloy-json-abi (Rust)

Affected versions

<= 0.7.7

Published to the GitHub Advisory Database

Aug 15, 2024

Last updated

Aug 15, 2024

ghsa: Latest News

GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission

9 hours ago

ghsa

GHSA-jjxq-ff2g-95vh: Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled

9 hours ago

ghsa

GHSA-6377-hfv9-hqf6: Twig has unguarded calls to `__toString()` when nesting an object into an array

9 hours ago

ghsa

GHSA-hv6m-qj65-26q3: UnoPim Cross-site Scripting vulnerability

11 hours ago

ghsa

GHSA-rhm9-gp5p-5248: Gradio vulnerable to arbitrary file read with File and UploadButton components

13 hours ago

ghsa