CVE-2026-9563
- EPSS 0.37%
- Veröffentlicht 02.07.2026 07:33:25
- Zuletzt bearbeitet 02.07.2026 17:44:12
In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maximum on the number of characters consumed while parsing a single JSON document. Applications that parse attacker- controlled JSON ...
CVE-2023-7272
- EPSS 0.59%
- Veröffentlicht 17.07.2024 15:15:10
- Zuletzt bearbeitet 06.02.2025 18:07:45
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and qu...
CVE-2023-4043
- EPSS 0.76%
- Veröffentlicht 03.11.2023 09:15:13
- Zuletzt bearbeitet 21.11.2024 08:34:17
In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input te...