CVE-2023-34615
📋 TL;DR
CVE-2023-34615 is a vulnerability in JSONUtil library versions through 5.0 that allows attackers to cause denial of service or other impacts by exploiting cyclic dependencies in crafted JSON objects. This affects any application using vulnerable JSONUtil versions for JSON parsing. The vulnerability can be triggered when processing malicious JSON input.
💻 Affected Systems
- JSONUtil library
⚠️ Risk & Real-World Impact
Worst Case
Complete application crash leading to sustained denial of service, potential memory corruption enabling remote code execution, or data corruption.
Likely Case
Application crashes or hangs when processing malicious JSON input, causing temporary denial of service until restart.
If Mitigated
Input validation prevents malicious JSON from reaching vulnerable parser, limiting impact to rejected requests.
🎯 Exploit Status
The GitHub issue demonstrates the vulnerability with example code. Crafting malicious JSON with cyclic dependencies is straightforward.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version 5.1 or later
Vendor Advisory: https://github.com/billdavidson/JSONUtil/issues/10
Restart Required: Yes
Instructions:
1. Update the JSONUtil dependency to version 5.1 or later.
2. Update package.json or the build configuration.
3. Rebuild and redeploy the application.
4. Restart affected services.
🔧 Temporary Workarounds
Input validation and sanitization
Implement strict input validation to reject JSON containing cyclic dependencies before processing.
Rate limiting and request filtering
Implement rate limiting and WAF rules to block requests with suspicious JSON patterns.
🧯 If You Can't Patch
- Isolate vulnerable systems behind firewalls and restrict network access
- Implement strict input validation and sanitization for all JSON parsing operations
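One way to apply the "reject cyclic dependencies before processing" workaround from the two sections above, as an added example that is not JSONUtil's own code: it assumes the cyclic structure is an in-memory object graph of maps, lists and arrays that the application is about to hand to the serializer, and that Java 16+ is available for pattern-matching instanceof. The depth cap also bounds the guard's own recursion, so the check cannot itself overflow.

```java
import java.util.*;

/** Pre-serialization guard (added example, not JSONUtil library code):
 *  refuses object graphs with reference cycles or nesting deeper than
 *  maxDepth, so they never reach a recursive JSON serializer. */
public final class CycleGuard {
    private CycleGuard() {}

    /** Returns null if root is safe to serialize, otherwise a short reason. */
    public static String findProblem(Object root, int maxDepth) {
        // Identity-based set: two equal-valued maps are distinct nodes, but the
        // same map object reached twice along one path is a cycle.
        return walk(root, Collections.newSetFromMap(new IdentityHashMap<>()), 0, maxDepth);
    }

    private static String walk(Object node, Set<Object> onPath, int depth, int maxDepth) {
        Iterable<?> children;
        if (node instanceof Map<?, ?> m) children = m.values();
        else if (node instanceof Iterable<?> it) children = it;
        else if (node instanceof Object[] arr) children = Arrays.asList(arr);
        else return null;                 // scalar leaf: String, Number, Boolean, null
        if (depth > maxDepth) return "nesting deeper than " + maxDepth;
        if (!onPath.add(node)) return "reference cycle at depth " + depth;
        for (Object child : children) {
            String problem = walk(child, onPath, depth + 1, maxDepth);
            if (problem != null) return problem;
        }
        onPath.remove(node);              // shared (diamond) references are valid JSON; only cycles are not
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample: parent -> child -> parent forms a cycle.
        Map<String, Object> parent = new HashMap<>();
        Map<String, Object> child = new HashMap<>();
        parent.put("child", child);
        child.put("parent", parent);
        System.out.println("cyclic graph: " + findProblem(parent, 64));

        // Constructed sample: the same list referenced twice is shared, not cyclic.
        List<Object> shared = List.of(1, 2);
        Map<String, Object> ok = Map.of("a", shared, "b", shared);
        System.out.println("shared-reference graph: " + findProblem(ok, 64));
    }
}
```

Call findProblem on any graph before serializing it and reject the request when it returns a reason; tune maxDepth to the deepest legitimate structure the application produces.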
🔍 How to Verify
Check if Vulnerable:
Check package.json or build configuration for JSONUtil version ≤5.0. Review application dependencies for JSONUtil usage.
Check Version:
npm list jsonutil (for Node.js) or check build.gradle/pom.xml for Java projects
Verify Fix Applied:
Verify JSONUtil version is ≥5.1 in dependencies. Test with known malicious JSON containing cyclic dependencies.
📡 Detection & Monitoring
Log Indicators:
- Application crashes or hangs during JSON parsing
- High CPU/memory usage spikes during JSON processing
- Stack overflow errors in logs
Network Indicators:
- Repeated requests with large/complex JSON payloads
- Requests causing application timeouts
SIEM Query:
source="application.logs" AND ("stack overflow" OR "out of memory" OR "JSON parsing error") AND process="*json*"