WolfpackArmy commited on
Commit
2815103
·
verified ·
1 Parent(s): 0c83835

Upload README.md with huggingface_hub

Browse files
Files changed (1) hide show
  1. README.md +17 -0
README.md ADDED
@@ -0,0 +1,17 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ # JSON Model File DoS and Prototype Pollution PoC
2
+
3
+ ## Vulnerability
4
+ DoS via deeply nested/large JSON + prototype pollution for JS-based ML tools
5
+
6
+ ## Files
7
+ - `poc_deep_nest.json` — 10,000 levels deep, causes stack overflow on json.load()
8
+ - `poc_huge_object.json` — 100K keys, causes excessive memory/CPU on parsing
9
+ - `poc_prototype_pollution.json` — __proto__ pollution payload for TF.js/Node consumers
10
+
11
+ ## Reproduce
12
+ ```python
13
+ import json
14
+ # Stack overflow from deep nesting:
15
+ with open('poc_deep_nest.json') as f:
16
+ json.load(f) # RecursionError
17
+ ```