Lucene search
K

45 matches found

Cvelist
Cvelist
added 2024/10/04 12:0 a.m.36 views

CVE-2024-47855

util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...

0.15413EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/04 12:0 a.m.5 views

JSON-lib 安全漏洞

Json-lib is a java library open-sourced by Kordamp. It is used to convert beans, maps, collections, java arrays and XML to JSON and back to beans and DynaBeans. A security vulnerability exists in JSON-lib versions prior to 3.1.0, which stems from util/JSONTokener.java incorrectly handling...

5.3CVSS6.8AI score0.15413EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/10/04 12:0 a.m.18 views

CVE-2024-47855

util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...

5.3CVSS5.1AI score0.15413EPSS
Exploits0
CVE
CVE
added 2024/10/04 12:0 a.m.320 views

CVE-2024-47855

CVE-2024-47855 affects JSON-lib: the file util/JSONTokener.java mishandles an unbalanced comment string in versions before 3.1.0 . The provided metrics indicate a base score of 5.3 (Medium), with the impact limited to Availability loss and no Confidentiality or Integrity impact. The Red Hat/Nessu...

5.3CVSS7AI score0.15413EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 7:0 p.m.40 views

K27638900: Apache Struts vulnerability CVE-2017-15707

Security Advisory Description In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. CVE-2017-15707 Impact There is no impact; F5 products are not affecte...

6.2CVSS6.6AI score0.04889EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2019/12/20 2:30 p.m.36 views

CVE-2019-0188

Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...

7.5CVSS3.2AI score0.08463EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.29 views

Security Bulletin: IBM Tivoli Netcool Impact is affected by an Apache Camel vulnerability (CVE-2019-0188)

Summary IBM Tivoli Netcool Impact has addressed the following Apache Camel vulnerability. Vulnerability Details CVEID: CVE-2019-0188 DESCRIPTION: Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library...

7.5CVSS1.3AI score0.08463EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2019/05/29 6:15 p.m.40 views

XML External Entity injection in Apache Camel

Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...

7.5CVSS3.1AI score0.08463EPSS
Exploits0References19Affected Software2
NVD
NVD
added 2019/05/28 7:29 p.m.18 views

CVE-2019-0188

Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...

7.5CVSS7.6AI score0.08463EPSS
Exploits0References16
Prion
Prion
added 2019/05/28 7:29 p.m.24 views

Xxe

Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...

5CVSS7.6AI score0.08463EPSS
Exploits0References16Affected Software5
CVE
CVE
added 2019/05/28 6:10 p.m.187 views

CVE-2019-0188

Apache Camel before 2.24.0 is affected by an XXE vulnerability (CWE-611) caused by an outdated vulnerable JSON-lib in the camel-xmljson component, which has been removed in later releases. The issue is documented with CVE-2019-0188 and has a base score around 5.8 (IBM X-Force reference). Remediat...

7.5CVSS7.5AI score0.08463EPSS
Exploits0References16Affected Software4
Cvelist
Cvelist
added 2019/05/28 6:10 p.m.42 views

CVE-2019-0188

Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...

8.1AI score0.08463EPSS
Exploits0References16
Veracode
Veracode
added 2019/05/27 6:10 a.m.32 views

XML External Entity (XXE)

apache camel is vulnerable to XML external entity XXE attacks. The application uses an outdated and vulnerable JSON-lib library, camel-xmljson, which allows an attacker to perform XXE attacks...

7.5CVSS7.5AI score0.08463EPSS
Exploits0References27Affected Software2
OSV
OSV
added 2018/10/16 7:35 p.m.29 views

GHSA-XCRM-QPP8-HCW4 Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

6.2CVSS6.3AI score0.04889EPSS
Exploits2References8
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:19 p.m.51 views

Security Bulletin: A vulnerability in Struts affects IBM InfoSphere Metadata Workbench

Summary A Struts vulnerability affects IBM InfoSphere Metadata Workbench. Vulnerability Details CVEID: CVE-2017-15707 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted JSON request using outdated json-lib with the Struts REST plugin, a remote attacker...

6.2CVSS1.9AI score0.04889EPSS
Exploits2Affected Software1
RedhatCVE
RedhatCVE
added 2017/12/06 1:53 p.m.26 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

7.5CVSS3.9AI score0.04889EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2017/12/05 12:0 a.m.54 views

Apache Struts 'REST' Plugin Multiple Vulnerabilities (S2-054, S2-055) - Linux

Apache Struts is prone multiple vulnerabilities. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

9.8CVSS8.6AI score0.37925EPSS
Exploits9References4
Veracode
Veracode
added 2017/12/04 1:11 a.m.24 views

Denial Of Service (DoS)

struts2-rest-plugin is vulnerable to denial of service DoS attacks. These attacks are possible through the use of a vulnerable version of the json-lib library. Attackers can trigger a DoS attack using a JSON payload which causes a memory leak to occur...

6.2CVSS6.6AI score0.04889EPSS
Exploits2References7Affected Software3
NVD
NVD
added 2017/12/01 4:29 p.m.17 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

6.2CVSS6.2AI score0.04889EPSS
Exploits2References6
OSV
OSV
added 2017/12/01 4:29 p.m.27 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

6.2CVSS9.4AI score
Exploits0References6
Rows per page
Query Builder