3 matches found
com.finmatics.et:et-core (>=0.1.0 <=0.2.0), com.helger.commons:ph-config (>=10.0.0 <=11.0.4) +87 more potentially affected by CVE-2023-34612 via com.helger.commons:ph-json (>=10.0.0 <=11.0.4)
com.helger.commons:ph-json MAVEN version =10.0.0, =0.1.0, =10.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =3.0.2, =8.5.0, =2.1.0, =1.1.0, =1.1.0, =1.1.0, =2.1.2 and more Source cves: CVE-2023-34612 Source advisory: OSV:GHSA-MX27-GG24-H2JC...
CVE-2023-34612
An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
CVE-2023-34612
The CVE concerns ph-json up to version 9.5.5 in ph-commons/ph-json stack. Affected component/ordering causes denial of service via crafted objects that use cyclic dependencies, leading to high impact (availability). Root cause described across sources is lack of safeguards when handling cyclic de...