Homepage

org.codehaus.jettison:jettison@1.5.1 vulnerabilities

  • latest version

    1.5.4

  • latest non vulnerable version

    1.5.4

  • first published

    18 years ago

  • latest version published

    1 years ago

  • licenses detected

  • package manager

    View on Maven Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.codehaus.jettison:jettison package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Denial of Service (DoS)

    Affected versions of this package are vulnerable to Denial of Service (DoS) due to infinite recursion, when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. Exploiting this vulnerability results in a StackOverflowError exception being thrown.

    How to fix Denial of Service (DoS)?

    Upgrade org.codehaus.jettison:jettison to version 1.5.4 or higher.

    [,1.5.4)
    • H
    Denial of Service (DoS)

    Affected versions of this package are vulnerable to Denial of Service (DoS) due to a stack overflow in the map parameter. An attacker can trigger a crash by passing in a map object that recursively takes itself as a value.

    How to fix Denial of Service (DoS)?

    Upgrade org.codehaus.jettison:jettison to version 1.5.2 or higher.

    [1.3.1,1.5.2)
    • H
    Denial of Service (DoS)

    Affected versions of this package are vulnerable to Denial of Service (DoS) via crafted JSON data.

    How to fix Denial of Service (DoS)?

    Upgrade org.codehaus.jettison:jettison to version 1.5.2 or higher.

    [,1.5.2)
    Go back to all versions of this package