21 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when processing JSON payloads before applying rate limits. An attacker can cause service disruption by sending specially crafted JSON payloads that bypass rate limiting. Note: This is...
EUVD-2023-1894
Malicious code in bioql PyPI...
EUVD-2023-2589
Malicious code in bioql PyPI...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to an improper check of complex JSON in the HTTP handler. An attacker can cause excessive memory and CPU consumption by submitting specially-crafted payloads that meet the default...
CVE-2023-42278
hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse...
CVE-2023-34615
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
GHSA-RR66-QH5M-W6MX hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse...
CVE-2023-42278
hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse...
CVE-2023-42278
hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse...
ch.sourcemotion.gradle.vertx.hermes:ch.sourcemotion.gradle.vertx.hermes.gradle.plugin (=0.0.1), ch.sourcemotion.gradle:vertx-hermes-gradle-plugin (=0.0.1) +30 more potentially affected by CVE-2023-34615 via net.pwall.json:jsonutil (>=2.0 <=5.0)
net.pwall.json:jsonutil MAVEN version =2.0, =0.1.0, =0.6.0, =0.6.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.68, =0.31, =0.68, =0.1, =0.6.1 and more Source cves: CVE-2023-34615 Source advisory: OSV:GHSA-W2RR-WVH9-M2M7...
JSONUtil vulnerable to stack exhaustion
An issue was discovered JSONUtil through 5.0 that allows attackers to cause a denial of service or other unspecified impacts via crafted objects that deeply nested structures...
GHSA-W2RR-WVH9-M2M7 JSONUtil vulnerable to stack exhaustion
An issue was discovered JSONUtil through 5.0 that allows attackers to cause a denial of service or other unspecified impacts via crafted objects that deeply nested structures...
CVE-2023-34615
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
CVE-2023-34615
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
CVE-2023-34615
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
Code injection
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
PT-2023-24952 · Jsonutil · Jsonutil
Name of the Vulnerable Software and Affected Versions: JSONUtil versions 5.0 and earlier Description: An issue was discovered in JSONUtil that allows attackers to cause a denial of service or other unspecified impacts via crafted objects that use cyclic dependencies or have deeply nested...
CVE-2023-34615
The CVE-2023-34615 issue affects JSONUtil up to and including version 5.0, where crafted objects with cyclic dependencies can trigger denial of service or related impacts. The vulnerability is described consistently across multiple sources (e.g., NVD, Red Hat, Veracode, GHSA, OSV) as a DOS caused...
CVE-2023-34615
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...
JSONUtil 缓冲区错误漏洞
JSONUtil is a library of JSON generation and parsing utilities for Java from the individual developer Bill Davidson. A security vulnerability exists in JSONUtil 5.0 and earlier versions that could allow an attacker to cause a denial of service through the use of circularly dependent objects...