Maven package
org.json/json
pkg:maven/org.json/json
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5072 | — | < 20231013 | 20231013 | Oct 12, 2023 | Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. | ||
| CVE-2022-45688 | — | < 20230227 | 20230227 | Dec 13, 2022 | A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data. |
- CVE-2023-5072Oct 12, 2023affected < 20231013fixed 20231013
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
- CVE-2022-45688Dec 13, 2022affected < 20230227fixed 20230227
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.