Home > Vulnerability Database > CVE-2022-23460

Mend.io Vulnerability Database

CVE-2022-23460

Date: August 19, 2022

Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the current commit of the jsonxx project and the project itself has been archived. Updates are not expected. Users are advised to find a replacement.

Language: C++

Severity Score

7.5

Related Resources (3)

Url: https://securitylab.github.com/advisories/GHSL-2022-049_Jsonxx

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-23460

Url: https://www.mend.io/vulnerability-database/CVE-2022-23460

Severity Score

7.5

Weakness Type (CWE)

Stack-based Buffer Overflow

CWE-121

Uncontrolled Recursion

CWE-674

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-23460

Date: August 19, 2022

Language: C++

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?