This repository has been archived by the owner on Apr 29, 2024. It is now read-only.
CVE-2022-45688 (High) detected in json-20160212.jar #260
Labels
Mend: dependency security vulnerability
Security vulnerability detected by WhiteSource
CVE-2022-45688 - High Severity Vulnerability
Vulnerable Library - json-20160212.jar
JSON is a light-weight, language independent, data interchange format. See http://www.JSON.org/
Library home page: https://github.com/douglascrockford/JSON-java
Path to dependency file: /pom.xml
Path to vulnerable library: /pom.xml
Dependency Hierarchy:
Found in HEAD commit: 51d8b15fc29a554c2cfa6ca4ef2ef31d8e753329
Found in base branch: master
Vulnerability Details
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
Publish Date: 2022-12-13
URL: CVE-2022-45688
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: GHSA-3vqj-43w4-2q58
Release Date: 2022-12-13
Fix Resolution: org.json:json:20230227