org.codehaus.jettison:jettison@1.5.1 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.codehaus.jettison:jettison package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS) due to infinite recursion, when constructing a `JSONArray` from a Collection that contains a self-reference in one of its elements. Exploiting this vulnerability results in a `StackOverflowError` exception being thrown. How to fix Denial of Service (DoS)? Upgrade `org.codehaus.jettison:jettison` to version 1.5.4 or higher.	[,1.5.4)
H Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS) due to a stack overflow in the `map` parameter. An attacker can trigger a crash by passing in a map object that recursively takes itself as a value. How to fix Denial of Service (DoS)? Upgrade `org.codehaus.jettison:jettison` to version 1.5.2 or higher.	[1.3.1,1.5.2)
H Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS) via crafted JSON data. How to fix Denial of Service (DoS)? Upgrade `org.codehaus.jettison:jettison` to version 1.5.2 or higher.	[,1.5.2)