CVE-2023-30421

Summary

mystrtod in mjson 1.2.7 requires more than a billion iterations during processing of certain digit strings such as 8891110122900e913013935755114.

Affected Software

VendorProductVersion RangeStatus
mjson projectmjson1.2.7affected

Weaknesses

  • CWE-407: CWE-407 Inefficient Algorithmic Complexity

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References