org.json:json@20200518 vulnerabilities

  • latest version

    20240303

  • latest non vulnerable version

  • first published

    17 years ago

  • latest version published

    9 months ago

  • licenses detected

    • [20070829,20220924)
  • package manager

Direct Vulnerabilities

Known vulnerabilities in the org.json:json package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Allocation of Resources Without Limits or Throttling

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can cause indefinite amounts of memory to be used by inputting a string of modest size. This can lead to a Denial of Service.

How to fix Allocation of Resources Without Limits or Throttling?

Upgrade org.json:json to version 20231013 or higher.

[0,20231013)
  • H
Denial of Service (DoS)

Affected versions of this package are vulnerable to Denial of Service (DoS) in the XML.toJSONObject component via crafted JSON or XML data.

How to fix Denial of Service (DoS)?

Upgrade org.json:json to version 20230227 or higher.

[,20230227)