Lucene search
GitHub Advisory DatabaseGHSA-WHGH-G24C-3J5QHistoryDec 13, 2022 - 3:30 p.m.
hutool-json stack overflow vulnerability
2022-12-1315:30:26
GitHub Advisory Database
github.com
21
hutool-json
stack overflow
vulnerability
jsontokener
denial of service
crafted json
crafted xml
software
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
41.7%
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
Affected configurations
Node
cn.hutoolhutool-jsonRange≤5.8.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cn.hutool | hutool-json | * | cpe:2.3:a:cn.hutool:hutool-json:*:*:*:*:*:*:*:* |
Related
prion
prion
Stack overflow
2022-12-13 15:15:00
gitlab
gitlab
hutool-json stack overflow vulnerability
2022-12-13 00:00:00
osv
osv
hutool-json stack overflow vulnerability
2022-12-13 15:30:26
CVE-2022-45690
2022-12-13 15:15:11
hutool-json vulnerable to memory exhaustion
2022-12-13 15:30:26
cvelist
cvelist
CVE-2022-45690
2022-12-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-12-15 03:36:16
cve
cve
CVE-2022-45690
2022-12-13 15:15:11
nvd
nvd
CVE-2022-45690
2022-12-13 15:15:11
github
github
hutool-json vulnerable to memory exhaustion
2022-12-13 15:30:26
nessus
nessus
Oracle WebCenter Portal Multiple Vulnerabilities (October 2023 CPU)
2023-10-18 00:00:00
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
41.7%
Related for GHSA-WHGH-G24C-3J5Q