Homepage
About Snyk

org.json:json@20220924 vulnerabilities

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.json:json package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Allocation of Resources Without Limits or Throttling

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can cause indefinite amounts of memory to be used by inputting a string of modest size. This can lead to a Denial of Service.

How to fix Allocation of Resources Without Limits or Throttling?

Upgrade org.json:json to version 20231013 or higher.

[0,20231013)
  • H
Denial of Service (DoS)

Affected versions of this package are vulnerable to Denial of Service (DoS) in the XML.toJSONObject component via crafted JSON or XML data.

How to fix Denial of Service (DoS)?

Upgrade org.json:json to version 20230227 or higher.

[,20230227)
Go back to all versions of this package