Lucene search
Veracode Vulnerability DatabaseVERACODE:40560HistoryMay 17, 2023 - 2:13 a.m.
Improper Input Validation
2023-05-1702:13:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
vulnerability
input validation
unexpected errors
maliciously crafted input
org.apache.sling.commons.json
EPSS
0.005
Percentile
75.9%
org.apache.sling.commons.json is vulnerable to Improper Input Validation. The vulnerability exists because the library does not properly validate user inputs, which allows an attacker to trigger unexpected errors by supplying maliciously crafted input.
References
www.openwall.com/lists/oss-security/2023/05/15/2
github.com/advisories/GHSA-8j28-34qq-gmch
github.com/apache/sling-org-apache-sling-commons-johnzon
issues.apache.org/jira/browse/SLING-6536
lists.apache.org/thread/7spb4q4hfzs4n5yhz8stxcmhnmrwrj4d
lists.apache.org/thread/sws7z50x47gv0c38q4kx6ktqrvrrg1pm
www.openwall.com/lists/oss-security/2023/05/15/2
Related
prion
prion
Input validation
2023-05-15 10:15:00
cnvd
cnvd
Apache Sling Input Validation Error Vulnerability
2023-05-30 00:00:00
osv
osv
Apache Sling Commons JSON bundle vulnerable to Improper Input Validation
2023-05-15 12:30:16
github
github
Apache Sling Commons JSON bundle vulnerable to Improper Input Validation
2023-05-15 12:30:16
nvd
nvd
CVE-2022-47937
2023-05-15 10:15:10
cve
cve
CVE-2022-47937
2023-05-15 10:15:10
cvelist
cvelist