Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

valkey-io/valkey-json
unstable @ dcaa82c
2
Fixes
0
CVEs
MEDIUM
Peak severity
Highlights
Denial of Service: 2 prior fixes. Scrutinize any change in this area.
src/json/json.cc: most-fixed (1 issue). Treat as high-risk during review.
0 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Denial of Service: Parsing extremely large floating-point literals with std::stod can throw unhandled out-of-range exceptions, crashing the entire database process. This can be triggered remotely by sending malformed JSON payloads.
Denial of Service: A memory leak in the JSON.DEBUG KEYTABLE-CORRUPT administrative subcommand allows authenticated users to exhaust system memory. The subcommand failed to restrict execution via proper ACLs and lacked robust handle lifecycle management.