Maven package
io.spray/spray-json_2.11
pkg:maven/io.spray/spray-json_2.11
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-18855 | med | — | < 1.3.5 | 1.3.5 | Jun 28, 2022 | Recursive decent parsers are susceptible too StackOverflowExceptions on too deeply nested structures as currently "open" parsing state is kept on the stack. | |
| CVE-2018-18854 | — | < 1.3.5 | 1.3.5 | Oct 31, 2018 | Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of many JSON object fields (with keys that have the same hash code). | ||
| CVE-2018-18853 | — | < 1.3.5 | 1.3.5 | Oct 31, 2018 | Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of a field composed of many decimal digits. |
- affected < 1.3.5fixed 1.3.5
Recursive decent parsers are susceptible too StackOverflowExceptions on too deeply nested structures as currently "open" parsing state is kept on the stack.
- CVE-2018-18854Oct 31, 2018affected < 1.3.5fixed 1.3.5
Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of many JSON object fields (with keys that have the same hash code).
- CVE-2018-18853Oct 31, 2018affected < 1.3.5fixed 1.3.5
Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of a field composed of many decimal digits.