45 matches found
ROS-20251028-09
A vulnerability in the Java library for JSON-lib bean-component conversion is related to improper handling of unbalanced comment strings. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
EUVD-2018-0714
Malware in sbrugna...
EUVD-2019-0466
Malware in sbrugna...
json-lib: Mishandling of an unbalanced comment string in json-lib
A flaw was found in JSON-lib's JSONTokener component. This vulnerability allows a denial of service via an unbalanced comment string...
Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.17 Openshift Jenkins security update
An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.17. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 Openshift Jenkins security update
An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.13. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
json-lib: Mishandling of an unbalanced comment string in json-lib
A flaw was found in JSON-lib's JSONTokener component. This vulnerability allows a denial of service via an unbalanced comment string...
FreeBSD : jenkins -- Denial of service vulnerability in bundled json-lib (c5dafd73-adfd-11ef-af27-00e081b7aa2d)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c5dafd73-adfd-11ef-af27-00e081b7aa2d advisory. Jenkins Security Advisory: Denial of service vulnerability in bundled json-lib Tenable has extracted th...
Jenkins plugins Multiple Vulnerabilities (2024-11-27)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string. CVE-2024-47855 - Jenkins Simple Queue Plugin 1.4.4...
jenkins -- Denial of service vulnerability in bundled json-lib
Jenkins Security Advisory: Description High SECURITY-3463 / CVE-2024-47855 Denial of service vulnerability in bundled json-lib...
Denial Of Service (DoS)
JSON-lib is vulnerable to Denial of Service (DoS). The vulnerability is due to improper input validation and handling in the util/JSONTokener.java class, where the code fails to correctly process unbalanced comment strings in JSON data, allowing attackers to craft malicious JSON inputs that trigger...
openSUSE 15 Security Update : json-lib (SUSE-SU-2024:3543-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3543-1 advisory. - CVE-2024-47855: Fixed mishandled unbalanced comment string (bsc#1231295) Tenable has extracted the preceding description block directly from the SUSE security...
openSUSE Security Advisory (SUSE-SU-2024:3543-1)
The remote host is missing an update for the...
SUSE-SU-2024:3543-1 Security update for json-lib
This update for json-lib fixes the following issues: - CVE-2024-47855: Fixed mishandled unbalanced comment string (bsc#1231295)...
ar.com.jmfsg:api-doc (>=0.0.20 <=0.0.34), au.com.dius.pact:au.com.dius.pact.gradle.plugin (>=2.1.1 <=2.1.12) +2259 more potentially affected by CVE-2024-47855 via net.sf.json-lib:json-lib (>=0.7.1 <=2.4)
net.sf.json-lib:json-lib MAVEN version =0.7.1, =0.0.20, =2.1.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.20 and more Source cves: CVE-2024-47855 Source advisory: OSV:GHSA-WWCP-26WC-3FXM...
GHSA-WWCP-26WC-3FXM JSON-lib mishandles an unbalanced comment string
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...
JSON-lib mishandles an unbalanced comment string
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...
CVE-2024-47855
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...
CVE-2024-47855
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...
JSON-lib Security Vulnerability
Json-lib is a Java library open-sourced by Kordamp. It is used to convert beans, maps, collections, Java arrays and XML to JSON and back to beans and DynaBeans. A security vulnerability exists in JSON-lib versions prior to 3.1.0, which stems from util/JSONTokener.java incorrectly handling...