[MAVEN:GHSA-H9W3-F7X6-V54C] Deserialization of Untrusted Data in com.jsoniter:jsoniter
Severity
High
Affected Packages
1
CVEs
1
Withdrawn
was withdrawn by its CNA. Further investigation showed that it was not a security issue.
Original Description
All versions of package com.jsoniter:jsoniter are vulnerable to Deserialization of Untrusted Data via malicious JSON strings. This may lead to a Denial of Service, and in certain cases, code execution.
Package | Affected Version |
---|---|
pkg:maven/com.jsoniter/jsoniter | <= 0.9.23 |
- ID
- MAVEN:GHSA-H9W3-F7X6-V54C
- Severity
- high
- URL
- https://github.com/advisories/GHSA-h9w3-f7x6-v54c
- Published
-
2021-09-20T23:18:54
(3 years ago) - Modified
-
2023-02-01T05:06:07
(19 months ago) - Rights
- Maven Security Team
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:maven/com.jsoniter/jsoniter | com.jsoniter | jsoniter | <= 0.9.23 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |