EUVD-2023-1706

Malicious code in bioql PyPI...

CVE-2023-34620

An issue was discovered hjson thru 3.0.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

com.100shouhou.golddata:golddata-spider (>=1.1.1 <=1.1.4), com.buession.cas:buession-cas-audit (>=2.0.0 <=2.3.2) +704 more potentially affected by CVE-2023-34620 via org.hjson:hjson (>=1.0.0 <=3.0.0)

org.hjson:hjson MAVEN version =1.0.0, =1.1.1, =2.0.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.0.0, =1.1.0, =2.3.0, =1.1.0, =2.3.0, =2.3.2 and more Source cves: CVE-2023-34620 Source advisory: OSV:GHSA-5WFC-HJRC-GQ87...

hjson stack exhaustion vulnerability

An issue was discovered hjson through 3.0.0 allows attackers to cause a denial of service or other unspecified impacts via crafted objects that deeply nested structures...