45 matches found
CVE-2024-47855
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...
JSON-lib 安全漏洞
Json-lib is a java library open-sourced by Kordamp. It is used to convert beans, maps, collections, java arrays and XML to JSON and back to beans and DynaBeans. A security vulnerability exists in JSON-lib versions prior to 3.1.0, which stems from util/JSONTokener.java incorrectly handling...
CVE-2024-47855
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...
CVE-2024-47855
CVE-2024-47855 affects JSON-lib: the file util/JSONTokener.java mishandles an unbalanced comment string in versions before 3.1.0 . The provided metrics indicate a base score of 5.3 (Medium), with the impact limited to Availability loss and no Confidentiality or Integrity impact. The Red Hat/Nessu...
K27638900: Apache Struts vulnerability CVE-2017-15707
Security Advisory Description In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. CVE-2017-15707 Impact There is no impact; F5 products are not affecte...
CVE-2019-0188
Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...
Security Bulletin: IBM Tivoli Netcool Impact is affected by an Apache Camel vulnerability (CVE-2019-0188)
Summary IBM Tivoli Netcool Impact has addressed the following Apache Camel vulnerability. Vulnerability Details CVEID: CVE-2019-0188 DESCRIPTION: Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library...
XML External Entity injection in Apache Camel
Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...
CVE-2019-0188
Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...
Xxe
Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...
CVE-2019-0188
Apache Camel before 2.24.0 is affected by an XXE vulnerability (CWE-611) caused by an outdated vulnerable JSON-lib in the camel-xmljson component, which has been removed in later releases. The issue is documented with CVE-2019-0188 and has a base score around 5.8 (IBM X-Force reference). Remediat...
CVE-2019-0188
Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...
XML External Entity (XXE)
apache camel is vulnerable to XML external entity XXE attacks. The application uses an outdated and vulnerable JSON-lib library, camel-xmljson, which allows an attacker to perform XXE attacks...
GHSA-XCRM-QPP8-HCW4 Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
Security Bulletin: A vulnerability in Struts affects IBM InfoSphere Metadata Workbench
Summary A Struts vulnerability affects IBM InfoSphere Metadata Workbench. Vulnerability Details CVEID: CVE-2017-15707 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted JSON request using outdated json-lib with the Struts REST plugin, a remote attacker...
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
Apache Struts 'REST' Plugin Multiple Vulnerabilities (S2-054, S2-055) - Linux
Apache Struts is prone multiple vulnerabilities. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Denial Of Service (DoS)
struts2-rest-plugin is vulnerable to denial of service DoS attacks. These attacks are possible through the use of a vulnerable version of the json-lib library. Attackers can trigger a DoS attack using a JSON payload which causes a memory leak to occur...
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...