flatted is a JSON serializer and parser that supports circular references. Prior to 3.4.0, flatted's parse() function resolves the index references in deserialized JSON through a recursive revive() phase. Because the recursion depth is bounded only by the payload, a crafted input with deeply nested or self-referential $ indices exhausts the call stack; the resulting uncaught RangeError (Maximum call stack size exceeded) crashes the Node.js process, a denial of service reachable wherever untrusted input is passed to parse(). This vulnerability is fixed in 3.4.0.
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
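To make the failure mode concrete, the following is an added example, not flatted's own code and not the fix that shipped in 3.4.0: a toy parser for the flatted wire format with the reference-resolution step written both ways. The function names, the reference check and the crafted payload are assumptions made for this example; only the payload layout follows flatted's documented output (`stringify({a: "x", b: {}})` gives `[{"a":"1","b":"2"},"x",{}]`, and a self-referencing object gives `[{"self":"0"}]`).

```javascript
// Toy re-implementation of the flatted wire format to illustrate the bug class.
// NOT flatted's code: both revive strategies below are assumptions for this example.
// Format recap: the payload is a JSON array; entry 0 is the root; inside any
// object/array entry, a string-valued property is the decimal index of the entry
// holding the real value, and real strings live in entries of their own.

function isRef(v) {
  // A property value is a reference when it is a string holding a non-negative integer.
  return typeof v === "string" && /^(0|[1-9][0-9]*)$/.test(v);
}

// Vulnerable shape: resolve references by recursing into each referenced entry.
// Recursion depth equals the length of the reference chain in the payload, and a
// self-reference never terminates, so both end in RangeError
// ("Maximum call stack size exceeded"), which kills the process when uncaught.
function parseRecursive(text) {
  const values = JSON.parse(text);
  if (!Array.isArray(values)) throw new TypeError("flatted payload must be a JSON array");
  const revive = (index) => {
    const value = values[index];
    if (value === null || typeof value !== "object") return value; // primitives are stored as-is
    for (const key of Object.keys(value)) {
      if (isRef(value[key])) value[key] = revive(Number(value[key])); // unbounded recursion
    }
    return value;
  };
  return revive(0);
}

// Hardened shape: one linear pass over the entry table. Every entry already exists
// after JSON.parse, so a reference is resolved by a table lookup instead of by
// descending into its target. Cost is O(total properties) regardless of nesting
// depth, and a self-reference is simply a lookup that yields the same object.
function parseIterative(text) {
  const values = JSON.parse(text);
  if (!Array.isArray(values) || values.length === 0) {
    throw new TypeError("flatted payload must be a non-empty JSON array");
  }
  for (const value of values) {
    if (value === null || typeof value !== "object") continue;
    for (const key of Object.keys(value)) {
      const v = value[key];
      if (!isRef(v)) continue;
      const target = Number(v);
      if (target >= values.length) throw new RangeError(`dangling reference ${v}`); // reject malformed input
      value[key] = values[target];
    }
  }
  return values[0];
}

// Constructed attacker payload: a chain of `depth` nested objects, i.e. the layout
// flatted produces for {n:{n:{n:...}}}. Entry i points at entry i+1; the last is {}.
function craftedChain(depth) {
  const entries = [];
  for (let i = 0; i < depth; i++) entries.push({ n: String(i + 1) });
  entries.push({});
  return JSON.stringify(entries);
}

// Number of .n links reachable from the root (used to check the revived structure).
function chainDepth(root) {
  let depth = 0;
  for (let node = root; node && node.n !== undefined; node = node.n) depth++;
  return depth;
}

// "ok" when the parser returns, otherwise the thrown error's class name, so both
// strategies can be compared on the same payload.
function outcome(parse, text) {
  try {
    parse(text);
    return "ok";
  } catch (e) {
    return e.constructor.name;
  }
}

const payload = craftedChain(100000);
console.log("deep chain, recursive:", outcome(parseRecursive, payload)); // RangeError
console.log("deep chain, iterative:", outcome(parseIterative, payload)); // ok
console.log("self-reference, recursive:", outcome(parseRecursive, '[{"self":"0"}]')); // RangeError
console.log("self-reference, iterative:", outcome(parseIterative, '[{"self":"0"}]')); // ok
```

Note that the recursive variant fails on both inputs the advisory names: the deep chain by running out of stack frames, the self-reference by never terminating. The single-pass variant needs no depth limit or cycle detection because it never follows a reference; whether the real fix in 3.4.0 takes this shape is not stated on this page, and a `try`/`catch` around `parse()` is still worthwhile for any caller that cannot upgrade, since a RangeError left uncaught terminates the process.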
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Flatted | Webreflection | * | 3.4.0 (excluding) |
| Red Hat Developer Hub 1.8 | RedHat | rhdh/rhdh-hub-rhel9:1776784286 | * |
| Red Hat Developer Hub 1.9 | RedHat | rhdh/rhdh-hub-rhel9:1777903262 | * |
| Red Hat OpenShift AI 2.16 | RedHat | rhoai/odh-dashboard-rhel8:1774282136 | * |
| Red Hat OpenShift Dev Spaces 3.28 | RedHat | devspaces/dashboard-rhel9:1779341289 | * |