Jettison Project

Jettison

5 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-1436

Exploit
  • EPSS 0.02%
  • Published 22.03.2023 06:15:09
  • Last modified 21.11.2024 07:39:11

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

7.5

CVE-2022-45685

Exploit
  • EPSS 0.13%
  • Published 13.12.2022 15:15:11
  • Last modified 22.04.2025 04:15:23

A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.

7.5

CVE-2022-45693

Exploit
  • EPSS 0.13%
  • Published 13.12.2022 15:15:11
  • Last modified 22.04.2025 15:16:05

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

7.5

CVE-2022-40149

  • EPSS 0.52%
  • Published 16.09.2022 10:15:09
  • Last modified 21.11.2024 07:20:58

Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effe...

7.5

CVE-2022-40150

  • EPSS 0.06%
  • Published 16.09.2022 10:15:09
  • Last modified 21.11.2024 07:20:59

Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effe...