2 matches found
CVE-2018-18853
Lightbend Spray spray-json up to 1.3.4 is affected. The vulnerability is a DoS caused by Algorithmic Complexity during parsing of a field with many decimal digits, allowing remote exploitation over the network with no authentication. Impact is resource consumption/availability degradation; CVSS d...
CVE-2018-18854
Lightbend Spray spray-json (up to version 1.3.4) is vulnerable to denial of service via Algorithmic Complexity when parsing many JSON object fields with colliding hash codes. Remote attacker could exhaust resources. Documents consistently describe the issue but do not provide official remediation...