logo

Database

Improper resource allocation In alloy-json-abi

Description

Stack overflow when parsing specially crafted JSON ABI strings Affected versions of the alloy-json-abi crate did not properly handle parsing of malformatted JSON ABI strings. The JsonAbi::parse method can be tricked into a stack overflow when processing specially crafted input.

This stack overflow can lead to a crash of the application using this crate, potentially causing a denial of service.

The flaw was corrected in commit 4790c47.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. GCVE-GHSA-8327-84cj-8xjm

References

1. https://github.com/alloy-rs/core/issues/7022. https://github.com/alloy-rs/core/commit/4790c47518024bd391bbd6815b00f501bad76a153. https://rustsec.org/advisories/RUSTSEC-2024-0362.html

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.