hjson-js stack exhaustion vulnerability

# Summary
 A DOS vulnerability in hjson-js caused by crafted objects that deeply nested structures.

# Description
An issue was discovered in the latest hjson-js   allows attackers to cause a denial of service or other unspecified impacts via crafted objects that deeply nested structures.
there is a similar [vulnerable](https://github.com/advisories/GHSA-5wfc-hjrc-gq87),but  hjson-js has not similar fix logic.
The relevent code in [file1](https://github.com/hjson/hjson-js/blob/5734a70a17b94f12b59081aa6fdf966aac066b23/bundle/hjson.js)
Eg. function array(),function value(),function object()

# Patch
there is a similar fix [logic](https://github.com/hjson/hjson-java/pull/26/files)

# Thanks
Thanks to YangChao Liu (23210860056@m.fudan.edu.cn)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

hjson-js stack exhaustion vulnerability #66

Summary

Description

Patch

Thanks

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

hjson-js stack exhaustion vulnerability #66

Description

Summary

Description

Patch

Thanks

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions