stleary/JSON-java

stleary/JSON-java

stleary.github.io

Releases26

Frequency5 months 5 days

Last Release 13 days ago

Stars4.71K

A reference implementation of a JSON package in Java.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-5072 ↗	Oct 12, 2023Thursday, 12 October 2023, 17:15	7.5 HIGH	—
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
CVE-2022-45688 ↗	Dec 13, 2022Tuesday, 13 December 2022, 15:15	7.5 HIGH	—
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
CVE-2022-45690 ↗	Dec 13, 2022Tuesday, 13 December 2022, 15:15	7.5 HIGH	—
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.