PT-2020-12279 · Buger · Buger Jsonparser
Name of the Vulnerable Software and Affected Versions: buger jsonparser versions through 2019-12-04
Description: The issue allows attackers to cause a denial of service infinite loop via a Delete call. This can occur when parsing malformed JSON that contains opening brackets but not closing...
CVE-2013-3300
The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a less than character...
Authentication flaw
The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a less than character...
CVE-2013-3300
The connected documents confirm a vulnerability in Lift (before 2.5) where JsonParser.scala’s end-index is misinterpreted as a length, enabling remote authenticated users to access sensitive information from other sessions via input containing a