[Checkmarx][OSA] Cx08fcacc9-cb99 - Score 7.5 - org.json:json:20170516
miguelfreitas93 opened this issue · comments
** Library Details **
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
** Library Severity Details **
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
** CVE Details **
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
** Recommendations **
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
** Library Details **
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
** Library Severity Details **
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
** CVE Details **
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
** Recommendations **
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java
before 20180130 is vulnerable to Denial of service. The method JSONArray()
in class JSONArray()
of file JSONArray.java
, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Vulnerability does not exist anymore
Vulnerability does not exist anymore