High severityNVD Advisory· Published Jun 14, 2023· Updated Jan 3, 2025
CVE-2023-34620
CVE-2023-34620
Description
An issue was discovered hjson thru 3.0.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.hjson:hjsonMaven | < 3.0.1 | 3.0.1 |
laktak/hjsonPackagist | < 2.3.0 | 2.3.0 |
github.com/hjson/hjson-go/v4Go | < 4.5.0 | 4.5.0 |
Affected products
4- hjson/hjsondescription
- Range: <=3.0.0
- osv-coords2 versions
< 2.11.913-r28+ 1 more
- (no CPE)range: < 2.11.913-r28
- (no CPE)range: < 2.11.913-r28
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-5wfc-hjrc-gq87ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-34620ghsaADVISORY
- github.com/hjson/hjson-cpp/pull/54ghsaWEB
- github.com/hjson/hjson-go/commit/326599cebc6ef759892f473bf1439b98466a99faghsaWEB
- github.com/hjson/hjson-go/pull/67ghsaWEB
- github.com/hjson/hjson-java/issues/24ghsaWEB
- github.com/hjson/hjson-php/commit/2d1b8b4b158a8d841f3a228f267c7cd84fe5a4faghsaWEB
- github.com/hjson/hjson-php/pull/45ghsaWEB
News mentions
0No linked articles in our index yet.