Skip to main content

Large JSON input

Description

Inputting a very large sized JSON as an argument.

Remediation

Limit the maximum size of a JSON that can be inputted.

Configuration

Identifier: resource_limitation/large_json_input

Options

skip_objects : List of object that are to be skipped by the security test.

Examples

Ignore this check

{
    "checks": {
        "resource_limitation/large_json_input": {
            "skip": true
        }
    }
}

Score

Escape Severity: MEDIUM
- OWASP: API4:2023
- PCI DSS: 6.5.8
- CWE
  - 20
  - 351
  - 434
  - 789
  - 1215
  - 1284
- WASC: WASC-20

CVSS

CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H/RL:O/RC:C
CVSS_SCORE: 5.1

References

https://gusralph.info/file-upload-checklist/

Description
Remediation
Configuration
- Options
- Examples
Score
- CVSS
References