Highlights
Denial of Service: 2 prior fixes. Scrutinize any change in this area.
src/json/json.cc: most-fixed (1 issue). Treat as high-risk during review.
0 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns
The bug types that recur here, drawn from past fixes, not open vulnerabilities.
Denial of Service: Parsing extremely large floating-point literals with std::stod can throw unhandled out-of-range exceptions, crashing the entire database process. This can be triggered remotely by sending malformed JSON payloads.
Denial of Service: A memory leak in the JSON.DEBUG KEYTABLE-CORRUPT administrative subcommand allows authenticated users to exhaust system memory. The subcommand failed to restrict execution via proper ACLs and lacked robust handle lifecycle management.