Lucene search
K

172 matches found

OSV
OSV
added 2023/04/14 11:5 a.m.4 views

OESA-2023-1224 json-smart security update

Json-smart is a performance focused, JSON processor lib. Security Fixes: Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to th...

7.5CVSS8.1AI score0.01119EPSS
Exploits1References2
OSV
OSV
added 2023/04/14 11:5 a.m.3 views

OESA-2023-1223 json-smart security update

Json-smart is a performance focused, JSON processor lib. Security Fixes: Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to th...

7.5CVSS8.1AI score0.01119EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/04/13 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-6011-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.023EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2023/04/12 8:36 a.m.93 views

USN-6011-1: Json-smart vulnerabilities

It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed quotes. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. CVE-2021-31684 It was discovered that Json-smart...

7.5CVSS6.5AI score0.023EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.40 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Json-smart vulnerabilities (USN-6011-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6011-1 advisory. It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed quotes. A remote attacker...

7.5CVSS6.5AI score0.023EPSS
Exploits2References3
OSV
OSV
added 2023/03/31 10:44 p.m.41 views

GHSA-5X5Q-8CGM-2HJQ Karate has vulnerable dependency on json-smart package (CVE-2023-1370)

Summary The CVE How to fix it Very simple, just upgrade json-path package to 2.8.0 from 2.7.0 inside karate-core pom.xml ;...

7.5CVSS7.7AI score0.01119EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2023/03/31 10:44 p.m.71 views

Karate has vulnerable dependency on json-smart package (CVE-2023-1370)

Summary The CVE How to fix it Very simple, just upgrade json-path package to 2.8.0 from 2.7.0 inside karate-core pom.xml ;...

7.5CVSS7.6AI score0.01119EPSS
Exploits1References4Affected Software1
Debian
Debian
added 2023/03/31 8:3 a.m.37 views

[SECURITY] [DLA 3373-1] json-smart security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3373-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès March 30, 2023 https://wiki.debian.org/LTS -...

7.5CVSS8.9AI score0.023EPSS
Exploits2
OpenVAS
OpenVAS
added 2023/03/31 12:0 a.m.26 views

Debian: Security Advisory (DLA-3373-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.023EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2023/03/31 12:0 a.m.59 views

Debian dla-3373 : libjson-smart-java - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3373 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3373-1 [email protected]...

7.5CVSS6.6AI score0.023EPSS
Exploits2References6
Debian
Debian
added 2023/03/30 5:32 p.m.10 views

[SECURITY] [DLA 3373-1] json-smart security update

...

7.3AI score
Exploits0
OSV
OSV
added 2023/03/30 12:0 a.m.32 views

DLA-3373-1 json-smart - security update

Bulletin has no description...

7.5CVSS7.8AI score0.023EPSS
Exploits2
Veracode
Veracode
added 2023/03/24 5:47 a.m.41 views

Denial Of Service (DoS)

net.minidev, json-smart is vulnerable to Denial Of Service DoS. The vulnerability exists because there is no nested depth checks for deeply nested JSON arrays or objects, which allows an attacker to crash the application via a malicious array with deeply nested elements...

7.5CVSS7.4AI score0.01119EPSS
Exploits1References6Affected Software3
vulnersOsv
vulnersOsv
added 2023/03/23 8:32 p.m.5 views

africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.apiverse:apipulse (=1.0.1) +15397 more potentially affected by CVE-2023-1370 via net.minidev:json-smart (>=1.0.6.3 <=2.4.8)

net.minidev:json-smart MAVEN version =1.0.6.3, =1.0.0, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =0.0.25, =0.0.25, =0.0.62, =def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91 and more Source cves: CVE-2023-1370 Source advisory: OSV:GHSA-493P-PFQ6-5258...

7.5CVSS6.6AI score0.01119EPSS
Exploits1
OSV
OSV
added 2023/03/23 8:32 p.m.3 views

GHSA-493P-PFQ6-5258 json-smart Uncontrolled Recursion vulnerability

Impact Affected versions of net.minidev:json-smart are vulnerable to Denial of Service DoS due to a StackOverflowError when parsing a deeply nested JSON array or object. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered tha...

7.5CVSS5.9AI score0.01119EPSS
Exploits1References10
Github Security Blog
Github Security Blog
added 2023/03/23 8:32 p.m.324 views

json-smart Uncontrolled Recursion vulnerability

Impact Affected versions of net.minidev:json-smart are vulnerable to Denial of Service DoS due to a StackOverflowError when parsing a deeply nested JSON array or object. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered tha...

7.5CVSS7.7AI score0.01119EPSS
Exploits1References10Affected Software1
NVD
NVD
added 2023/03/22 6:15 a.m.20 views

CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

7.5CVSS8.5AI score0.01119EPSS
Exploits1References2
OSV
OSV
added 2023/03/22 6:15 a.m.1 views

DEBIAN-CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

7.5CVSS6.4AI score0.01119EPSS
Exploits1References1
Prion
Prion
added 2023/03/22 6:15 a.m.28 views

Stack overflow

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

5CVSS7.4AI score0.01119EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2023/03/22 6:15 a.m.785 views

CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

7.5CVSS6.8AI score0.01119EPSS
Exploits1References3
Rows per page
Query Builder