CVE-2024-58264
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-27
Last updated on: 2025-08-06
Assigner: MITRE
Description
Description
The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cosmwasm | serde-json-wasm | to 1.0.1 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-674 | The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack. |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the serde-json-wasm crate for Rust before version 1.0.1. It allows an attacker to cause excessive stack consumption by providing deeply nested JSON data, which can lead to a denial of service due to stack exhaustion.
How can this vulnerability impact me? :
The vulnerability can impact you by causing your application to consume excessive stack memory when processing deeply nested JSON data, potentially leading to a denial of service or application crash.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70