[Checkmarx][OSA] Cx08fcacc9-cb99 - Score 7.5 - org.json:json:20170516
miguelfreitas93 opened this issue · comments
** Library Details **
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
** Library Severity Details **
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
** CVE Details **
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
** Recommendations **
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
** Library Details **
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
** Library Severity Details **
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
** CVE Details **
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
** Recommendations **
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Library Details
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
CVE Details
CVE Name: Cx08fcacc9-cb99
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-10-30T11:27:00
CVE URL: stleary/JSON-java#372
CVE Description: The package JSON-java before 20180130 is vulnerable to Denial of service. The method JSONArray() in class JSONArray() of file JSONArray.java, doesn't check for unclosed array while parsing, causing the application to crash, due to an StackOverflowException. This affects the Availability of the application.
Recommendations
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Vulnerability does not exist anymore
Vulnerability does not exist anymore