serde-json-wasm Stack Overflow Vulnerability Allowing Denial-of-Service

Vulnerability

A stack overflow vulnerability has been identified in the serde-json-wasm crate for Rust, specifically in versions prior to 1.0.1. This vulnerability arises when the crate parses untrusted, deeply nested JSON data, leading to excessive stack consumption. Such behavior can potentially be exploited to cause a denial-of-service condition.

Impact

Exploitation of this vulnerability can lead to a stack overflow, causing a denial-of-service condition by exhausting the call stack and potentially crashing the application.

Remediation

Users can upgrade to serde-json-wasm version 1.0.1 or version 0.5.2 to address this vulnerability.
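
Where untrusted JSON has to be accepted in front of any recursive parser, an iterative pre-scan can reject over-deep input without consuming stack in proportion to the nesting; it complements the upgrade and does not replace it. The following is an added example, not code from this advisory or from the serde-json-wasm project; the function name `check_nesting` and the `MAX_DEPTH` value of 128 are assumptions chosen for illustration.

```rust
/// Assumed limit for this example; pick one that fits your stack budget.
const MAX_DEPTH: usize = 128;

/// Returns Err(depth) as soon as array/object nesting exceeds `limit`,
/// otherwise Ok(deepest level seen). Brackets inside JSON strings are
/// ignored, including after escaped quotes. This is an iterative pre-scan,
/// not a validator: malformed JSON is left for the real parser to reject.
fn check_nesting(input: &[u8], limit: usize) -> Result<usize, usize> {
    let mut depth = 0usize;
    let mut deepest = 0usize;
    let mut in_string = false;
    let mut escaped = false;
    for &b in input {
        if in_string {
            if escaped {
                escaped = false;
            } else if b == b'\\' {
                escaped = true;
            } else if b == b'"' {
                in_string = false;
            }
            continue;
        }
        match b {
            b'"' => in_string = true,
            b'[' | b'{' => {
                depth += 1;
                if depth > limit {
                    return Err(depth);
                }
                deepest = deepest.max(depth);
            }
            b']' | b'}' => depth = depth.saturating_sub(1),
            _ => {}
        }
    }
    Ok(deepest)
}

fn main() {
    // Constructed inputs, not taken from the advisory.
    let ordinary = br#"{"user":"a[b{c","tags":[["x"],["y\"["]]}"#;
    let nested = "[".repeat(10_000);
    println!("{:?}", check_nesting(ordinary, MAX_DEPTH)); // Ok(3)
    println!("{:?}", check_nesting(nested.as_bytes(), MAX_DEPTH)); // Err(129)
}
```

Call the check on the raw request bytes and hand the input to the JSON parser only when it returns `Ok`.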

Added: Jul 27, 2025, 9:34 PM
Updated: Jul 27, 2025, 9:34 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.