Home

Description

mystrtod in mjson 1.2.7 requires more than a billion iterations during processing of certain digit strings such as 8891110122900e913013935755114.

PUBLISHED Reserved 2023-04-07 | Published 2025-04-19 | Updated 2025-04-21 | Assigner mitre




LOW: 2.9CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-407 Inefficient Algorithmic Complexity

Product status

Default status
unknown

1.2.7 (semver)
affected

References

github.com/boofish/json_bugs/blob/main/mjson

github.com/cesanta/mjson/releases

cve.org (CVE-2023-30421)

nvd.nist.gov (CVE-2023-30421)

Download JSON