[Checkmarx][OSA] Cx2906ba70-607a - Score 7.5 - org.json:json:20170516
miguelfreitas93 opened this issue · comments
** Library Details **
Library ID: 2DA28C5536606251BE5586AE4F0607C9272719B8
Library Name: org.json:json
Library Version: 20170516
Library Source File Name:
Library Confidence Level: 100
** Library Severity Details **
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
** CVE Details **
CVE Name: Cx2906ba70-607a
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2017-08-18T09:31:00
CVE URL: stleary/JSON-java#361
CVE Description: The package JSON-java before 20171018 is vulnerable to Denial Of Service attack. The function unescape() used in multiple java files, unescapes a given XML string twice, causing the application to crash, due to StringIndexOutOfBoundsException.
** Recommendations **
Library Newest Version: 20190722
Library Newest Version Release Date: 2019-08-07T00:56:35
Library Number of Versions Since Last Update: 4
Recommendations: Upgrade to 20190722
Vulnerability does not exist anymore