Lucene search
K

41 matches found

RedhatCVE
RedhatCVE
added 2026/07/03 8:28 a.m.9 views

CVE-2026-9563

A flaw was found in Eclipse Parsson. The JSON parser did not enforce a default maximum on the number of characters consumed while processing a single JSON document. A remote attacker could exploit this by providing a very large, specially crafted JSON document. This could force applications to...

7.5CVSS6AI score0.00366EPSS
Exploits0References8
NVD
NVD
added 2026/07/02 9:16 a.m.6 views

CVE-2026-9563

In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maximum on the number of characters consumed while parsing a single JSON document. Applications that parse attacker- controlled JSON can be forced to consume excessive CPU and memo...

7.5CVSS0.00366EPSS
Exploits0References5
CVE
CVE
added 2026/07/02 7:33 a.m.20 views

CVE-2026-9563

Eclipse Parsson JSON parser did not enforce a default maximum on parsed characters before 1.1.8, allowing DoS from attacker-controlled JSON via very large documents. The fixed version, Parsson 1.1.8, adds a configurable limit with a default of 15 million parser-consumed characters. Affected: Ecli...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/02 7:33 a.m.37 views

CVE-2026-9563

In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maximum on the number of characters consumed while parsing a single JSON document. Applications that parse attacker- controlled JSON can be forced to consume excessive CPU and memo...

7.5CVSS0.00366EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/02 7:33 a.m.9 views

CVE-2026-9563

In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maximum on the number of characters consumed while parsing a single JSON document. Applications that parse attacker- controlled JSON can be forced to consume excessive CPU and memo...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2026/07/02 7:33 a.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of enforced limits in the parser when processing JSON input. An attacker can cause excessive CPU and memory consumption by submitting very large or deeply nested JSON...

8.7CVSS6AI score0.00366EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.12 views

PT-2026-54936

Name of the Vulnerable Software and Affected Versions Eclipse Parsson versions prior to 1.1.8 Description The JSON parser does not enforce a default maximum on the number of characters consumed when parsing a single JSON document. This allows an attacker to provide specially crafted JSON document...

7.5CVSS5.9AI score0.00366EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2024-2228

Malicious code in bioql PyPI...

8.6CVSS7.3AI score0.00588EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2963

Malicious code in bioql PyPI...

7.5CVSS7AI score0.00764EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2024/07/17 10:24 p.m.47 views

CVE-2023-7272

A flaw was found in Eclipse Parsson. A document containing a large depth of nested objects may allow an attacker to cause a Java stack overflow exception, potentially leading to a denial of service...

6.8CVSS8.5AI score0.00588EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2024/07/17 3:30 p.m.9 views

ai.timefold.solver:timefold-solver-quarkus-jsonb (>=0.9.38 <=1.2.0), ai.timefold.solver:timefold-solver-quarkus-jsonb-deployment (>=0.9.38 <=1.2.0) +2527 more potentially affected by CVE-2023-7272 via org.eclipse.parsson:parsson (>=1.1.0 <=1.1.2)

org.eclipse.parsson:parsson MAVEN version =1.1.0, =0.9.38, =0.9.38, =0.9.38, =22.12.0, =22.11.0, =22.9.0, =24.7.0, =22.5.0, =22.10.0, =22.11.0, =24.7.0 and more Source cves: CVE-2023-7272 Source advisory: OSV:GHSA-2RWM-XV5J-777P...

8.6CVSS6.9AI score0.00588EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/07/17 3:30 p.m.8 views

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=7.2.0 <=7.4.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=7.2.0 <=7.4.5) +407 more potentially affected by CVE-2023-7272 via org.eclipse.parsson:parsson (>=1.0.0 <=1.0.3)

org.eclipse.parsson:parsson MAVEN version =1.0.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =1.0, =0.3.8, =0.3.0, =0.2.3, =1.1.0, =1.4.2 and more Source cves: CVE-2023-7272 Source advisory: OSV:GHSA-2RWM-XV5J-777P...

8.6CVSS6.8AI score0.00588EPSS
Exploits1
OSV
OSV
added 2024/07/17 3:30 p.m.5 views

GHSA-2RWM-XV5J-777P Eclipse Parsson stack overflow when parsing deeply nested input

In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing e.g. parse, generate, transform and query JSON documents...

9.2CVSS7.1AI score0.00588EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2024/07/17 3:30 p.m.22 views

Eclipse Parsson stack overflow when parsing deeply nested input

In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing e.g. parse, generate, transform and query JSON documents...

8.6CVSS7.2AI score0.00588EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2024/07/17 3:15 p.m.38 views

CVE-2023-7272

In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing e.g. parse, generate, transform and query JSON documents...

8.6CVSS0.00588EPSS
Exploits1References1
OSV
OSV
added 2024/07/17 3:0 p.m.8 views

CVE-2023-7272 Eclipse Parsson stack overflow with deeply nested objects

In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing e.g. parse, generate, transform and query JSON documents...

8.6CVSS6.9AI score0.00588EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/07/17 3:0 p.m.22 views

CVE-2023-7272 Eclipse Parsson stack overflow with deeply nested objects

In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing e.g. parse, generate, transform and query JSON documents...

8.6CVSS7.2AI score0.00588EPSS
Exploits1References1
CVE
CVE
added 2024/07/17 3:0 p.m.102 views

CVE-2023-7272

CVE-2023-7272 affects Eclipse Parsson prior to 1.0.4 and 1.1.3, where parsing JSON documents with a deeply nested structure can trigger a Java stack overflow and denial of service. The root cause is extremely nested object depth in JSON processing (parse/generate/transform/query). The CVSS base s...

8.6CVSS8.5AI score0.00588EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/07/17 3:0 p.m.47 views

CVE-2023-7272 Eclipse Parsson stack overflow with deeply nested objects

In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing e.g. parse, generate, transform and query JSON documents...

8.6CVSS0.00588EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/03/06 3:38 p.m.5 views

parsson: Denial of Service due to large number parsing

A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service DoS due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...

7.5CVSS7.1AI score0.00764EPSS
Exploits1References4
Rows per page
Query Builder