CVE-2023-34616

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 14, 2023

Updated: Jun 27, 2023

CWE ID 787

Summary

CVE-2023-34616 is a vulnerability affecting pbjson, a library used for parsing and generating JSON data, up to version 0.4.0. This issue allows attackers to trigger a denial of service or potentially other unspecified impacts by supplying a specially crafted object with cyclic dependencies. By exploiting this vulnerability, attackers can cause pbjson to enter an infinite loop, leading to a consumption of system resources and ultimately a denial-of-service condition. This issue poses a significant risk to applications that rely on pbjson for JSON processing, and users are strongly encouraged to upgrade to a patched version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database