VYPR

Maven package

cn.hutool/hutool-json

pkg:maven/cn.hutool/hutool-json

Vulnerabilities (6)

  • CVE-2023-42278Sep 8, 2023
    affected < 5.8.22fixed 5.8.22

    hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse().

  • CVE-2023-42277Sep 8, 2023
    affected <= 5.8.21

    hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath.

  • CVE-2023-42276Sep 8, 2023
    affected <= 5.8.21

    hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray.

  • CVE-2022-45690Dec 13, 2022
    affected < 5.8.11fixed 5.8.11

    A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.

  • CVE-2022-45689Dec 13, 2022
    affected <= 5.8.10

    hutool-json v5.8.10 was discovered to contain an out of memory error.

  • CVE-2022-45688Dec 13, 2022
    affected < 5.8.25fixed 5.8.25

    A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.