6 matches found
CVE-2022-45690
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data...
club.mrxiao:express-java-common (>=1.0.0 <=1.0.2), club.mrxiao:express-java-jdl (>=1.0.0 <=1.0.2) +263 more potentially affected by CVE-2022-45690 via cn.hutool:hutool-json (>=4.0.0 <=5.8.10)
cn.hutool:hutool-json MAVEN version =4.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =2.0.3, =2.0.5, =2.0.1.B, =2.0.1.B, =2.0.1.B, =1.0.1, =1.0.3 and more Source cves: CVE-2022-45690 Source advisory: OSV:GHSA-WHGH-G24C-3J5Q...
hutool-json vulnerable to memory exhaustion
hutool-json v5.8.10 was discovered to contain an out of memory error. This issue is similar to CVE-2022-45690...
CVE-2022-45690
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data...
CVE-2022-45690
CVE-2022-45690: hutool-json v5.8.10 is affected by a stack overflow in org.json.JSONTokener.nextValue, enabling Denial of Service via crafted JSON or XML data. Connected sources corroborate the vulnerability and note a PoC exists. No remediation details are provided in the supplied documents.
CVE-2022-45690
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data...