16 matches found
CVE-2022-45690
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data...
json-lib: Mishandling of an unbalanced comment string in json-lib
A flaw was found in JSON-lib's JSONTokener component. This vulnerability allows a denial of service via an unbalanced comment string...
json-lib: Mishandling of an unbalanced comment string in json-lib
A flaw was found in JSON-lib's JSONTokener component. This vulnerability allows a denial of service via an unbalanced comment string...
CVE-2024-47855
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...
JSON-lib security vulnerability
Json-lib is a Java library open-sourced by Kordamp. It is used to convert beans, maps, collections, Java arrays and XML to JSON and back to beans and DynaBeans. A security vulnerability exists in JSON-lib versions prior to 3.1.0, which stems from util/JSONTokener.java incorrectly handling...
CVE-2024-47855
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...
The vulnerability in the `org.json.JSONTokener.nextValue::JSONTokener.java` component of the file and network operations handling library hutool-json, which allows an attacker to cause a service failure.
The vulnerability in the org.json.JSONTokener.nextValue::JSONTokener.java component of the file and network operations library hutool-json is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
OSV-2023-60 Security exception in org.json.JSONTokener.nextValue
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55978 Crash type: Security exception Crash state: org.json.JSONTokener.nextValue org.json.JSONTokener.readArray org.json.JSONTokener.nextToInternal...
Denial Of Service (DoS)
hutool-json is vulnerable to denial of service. The vulnerability is due to the JSONTokener.nextValue method causing a stack overflow, which allows an attacker to cause an application crash via malicious input...
hutool-json stack overflow vulnerability
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data...
CVE-2022-45690
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data...
hutool-json stack overflow vulnerability
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data...
CVE-2022-45690
CVE-2022-45690: hutool-json v5.8.10 is affected by a stack overflow in org.json.JSONTokener.nextValue, enabling Denial of Service via crafted JSON or XML data. Connected sources corroborate the vulnerability and note a PoC exists. No remediation details are provided in the supplied documents.
CVE-2022-45690
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data...
CVE-2022-45690
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data...
Denial Of Service (DoS)
Jettison is vulnerable to denial of service. The vulnerability exists in the nextValue function in JSONTokener.java, where an attacker may supply content that causes the parser to crash with an out-of-memory error if the parser is running on user-supplied input...