3 matches found
com.finmatics.et:et-core (>=0.1.0 <=0.2.0), com.helger.commons:ph-config (>=10.0.0 <=11.0.4) +87 more potentially affected by CVE-2023-34612 via com.helger.commons:ph-json (>=10.0.0 <=11.0.4)
com.helger.commons:ph-json MAVEN version =10.0.0, =0.1.0, =10.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =3.0.2, =8.5.0, =2.1.0, =1.1.0, =1.1.0, =1.1.0, =2.1.2 and more Source cves: CVE-2023-34612 Source advisory: OSV:GHSA-MX27-GG24-H2JC...
CVE-2023-34612
The CVE concerns ph-json up to version 9.5.5 in ph-commons/ph-json stack. Affected component/ordering causes denial of service via crafted objects that use cyclic dependencies, leading to high impact (availability). Root cause described across sources is lack of safeguards when handling cyclic de...
CVE-2023-34612
An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...