2 matches found
CVE-2023-4043
CVE-2023-4043 affects Eclipse Parsson prior to 1.1.4 and 1.0.5. The issue is a denial of service (DoS) in JSON number parsing when handling very large numbers, caused by edge cases in the Java BigDecimal parsing path. The issue can be triggered by specially crafted input and can lead to much longer processing time...
CVE-2023-7272
CVE-2023-7272 affects Eclipse Parsson prior to 1.0.4 and 1.1.3, where parsing JSON documents with a deeply nested structure can trigger a Java stack overflow and denial of service. The root cause is the handling of extremely deep object nesting in JSON processing (parse/generate/transform/query). The CVSS base s...