org.apache.sling.commons.json is vulnerable to Improper Input Validation. The vulnerability exists because the library does not properly validate user inputs, which allows an attacker to trigger unexpected errors by supplying maliciously crafted input.
www.openwall.com/lists/oss-security/2023/05/15/2
github.com/advisories/GHSA-8j28-34qq-gmch
github.com/apache/sling-org-apache-sling-commons-johnzon
issues.apache.org/jira/browse/SLING-6536
lists.apache.org/thread/7spb4q4hfzs4n5yhz8stxcmhnmrwrj4d
lists.apache.org/thread/sws7z50x47gv0c38q4kx6ktqrvrrg1pm
www.openwall.com/lists/oss-security/2023/05/15/2