org.eclipse.parsson:parsson@1.1.0 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.eclipse.parsson:parsson package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • Out-of-bounds Write (severity: High)

Affected versions of this package are vulnerable to Out-of-bounds Write due to the handling of deeply nested JSON input. An attacker can cause a Java stack overflow exception and denial of service.

How to fix Out-of-bounds Write?

Upgrade org.eclipse.parsson:parsson to version 1.0.4, 1.1.3 or higher.

Vulnerable versions: [,1.0.4) [1.1.0,1.1.3)
  • Improper Input Validation (severity: Medium)

Affected versions of this package are vulnerable to Improper Input Validation when parsing JSON files from untrusted sources. An attacker can exploit the built-in support for parsing numbers with a large scale, where the input text of a number can lead to a much longer processing time than expected.

How to fix Improper Input Validation?

Upgrade org.eclipse.parsson:parsson to version 1.0.5, 1.1.4 or higher.

Vulnerable versions: [,1.0.5) [1.1.0,1.1.4)