42 matches found
EUVD-2023-2592
Malicious code in bioql PyPI...
EUVD-2023-1077
Malicious code in bioql PyPI...
EUVD-2025-31040
Malicious code in bioql PyPI...
CVE-2025-57350
The csvtojson package, a tool for converting CSV data to JSON with customizable parsing capabilities, contains a prototype pollution vulnerability in versions prior to 2.0.10. This issue arises due to insufficient sanitization of nested header names during the parsing process in the parserjsonarr...
CSVTOJSON Security Vulnerability
CSVTOJSON is a CSV parser by the individual developer Keyang Xiang. A security vulnerability exists in CSVTOJSON versions prior to 2.0.10, which stems from insufficient cleanup of nested header names during parsing by the parserjsonarray component, which could lead to a prototype pollution attack...
CVE-2023-42276
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
OSV-2024-902 Security exception in org.json.JSONArray.writeTo
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69188 Crash type: Security exception Crash state: org.json.JSONArray.writeTo org.json.JSONStringer.value java.base/java.util.ArrayList.elementData...
PT-2024-40873 · Org.Json · Org.Json
Name of the Vulnerable Software and Affected Versions: org.json affected versions not specified Description: The issue is related to a security exception in the org.json library. The crash occurs in the JSONArray.writeTo function, which is called by the JSONStringer.value function. This is furthe...
RHEL 7 : jettison (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jettison: Uncontrolled Recursion in JSONArray CVE-2023-1436 - Those using Jettison to parse untrusted XML...
OESA-2023-1963 jettison security update
Jettison is a collection of Java APIs like STaX and DOM which read and write JSON. This allows nearly transparent enablement of JSON based web services in services frameworks like CXF or XML serialization frameworks like XStream. Security Fixes: An infinite recursion is triggered in Jettison when...
GHSA-RXGF-R843-G53H hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
CVE-2023-42276
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
CVE-2023-42276
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
CVE-2023-42276
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
Buffer overflow
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...
PT-2023-28305 · Hutool · Hutool
Name of the Vulnerable Software and Affected Versions: hutool version 5.8.21 Description: The issue is related to a buffer overflow in the jsonArray component of the hutool library. This buffer overflow can be exploited, potentially leading to security breaches. No information is provided about t...
CVE-2023-42276
CVE-2023-42276 (hutool v5.8.21): A buffer overflow in the jsonArray component has been reported. The NVD entry documents a CVSS 3.1 base score of 9.8 (CRITICAL) with NETWORK attack vector, low complexity, no user interaction, and impact to confidentiality, integrity, and availability (all HIGH)....