orjson Recursion Limit Vulnerability in JSON Serialization Function
Vulnerability
A denial-of-service vulnerability has been identified in the orjson library, specifically in the orjson.dumps() function, for versions through 3.11.4. The vulnerability arises because the function does not impose a recursion limit when serializing deeply nested JSON documents. This lack of restriction can lead to uncontrolled recursion, causing the application to crash. The issue can be exploited remotely if an attacker can control the data being serialized.
Impact
Exploitation of this vulnerability can cause applications to crash by overwhelming the call stack with too many nested levels, leading to a stack overflow.
Reproduction
The vulnerability can be reproduced by creating a JSON structure with excessive nesting, such as 100 levels deep, and then serializing it with the orjson.dumps() function. This process will cause a stack overflow, crashing the application.
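A defensive check that applications can apply before handing untrusted data to orjson.dumps(), as an added example that is not part of this advisory or of the orjson project. It builds a nested list of the shape the reproduction describes, measures its depth with an explicit stack (so the check itself cannot overflow the call stack), and refuses to serialize anything deeper than a configured limit. The limit of 64, the helper names and the fallback to the standard json module when orjson is not installed are all assumptions made for this example.

```python
"""Depth-bounded serialization wrapper (added example, not advisory or orjson code)."""
import json

try:
    import orjson  # optional: the depth check itself does not depend on it
except ImportError:
    orjson = None

DEFAULT_MAX_DEPTH = 64  # assumed policy value; tune per application


class NestingTooDeep(ValueError):
    """Raised when a document exceeds the configured nesting limit."""


def nesting_depth(obj):
    """Return the container nesting depth of obj.

    Scalars have depth 0; an empty list or dict has depth 1; each
    container inside another adds one. The walk uses an explicit stack,
    not recursion, so it is safe on arbitrarily deep input.
    """
    max_seen = 0
    stack = [(obj, 1)]
    while stack:
        node, depth = stack.pop()
        if isinstance(node, dict):
            max_seen = max(max_seen, depth)
            stack.extend((v, depth + 1) for v in node.values())
        elif isinstance(node, (list, tuple)):
            max_seen = max(max_seen, depth)
            stack.extend((v, depth + 1) for v in node)
    return max_seen


def safe_dumps(obj, max_depth=DEFAULT_MAX_DEPTH):
    """Serialize obj to bytes, rejecting documents nested deeper than max_depth.

    The check runs before the serializer is called, so an over-deep
    document never reaches orjson.dumps() (or json.dumps in the fallback).
    """
    depth = nesting_depth(obj)
    if depth > max_depth:
        raise NestingTooDeep(f"nesting depth {depth} exceeds limit {max_depth}")
    if orjson is not None:
        return orjson.dumps(obj)
    # Fallback keeps the same compact bytes output as orjson for plain containers.
    return json.dumps(obj, separators=(",", ":")).encode()


def nested_list(levels):
    """Constructed test input: a list nested `levels` deep, e.g. [[[]]] for 3."""
    obj = []
    for _ in range(levels - 1):
        obj = [obj]
    return obj


if __name__ == "__main__":
    # The advisory's reproduction shape: 100 nested levels.
    deep = nested_list(100)
    print("depth:", nesting_depth(deep))
    try:
        safe_dumps(deep)
    except NestingTooDeep as exc:
        print("rejected:", exc)
    print("accepted:", safe_dumps(nested_list(10)))
```

The wrapper is cheap: one linear pass over the document. The limit should be set from what the application legitimately needs rather than from what the serializer tolerates, and rejected documents are worth logging, since a client repeatedly sending over-deep payloads is a useful signal on its own.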
