CX: CVE-2022-45690 in Maven-org.json:json and 20131018 @ JavaVulnerableLab-1.refs/heads/master

**Description**

A stack overflow in the "org.json.JSONTokener.nextValue::JSONTokener.java" component of hutool-json allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data. This vulnerability affects versions prior to 5.8.11.

**HIGH Vulnerable Package** issue exists @ **org.json:json** in branch **refs/heads/master**

**Vulnerability ID:** CVE-2022-45690

**Package Name:** org.json:json

**Severity:** HIGH

**CVSS Score:** 7.5

**Publish Date:** 2022-12-13T15:15:00

**Current Package Version:** 20131018

**Remediation Upgrade Recommendation:** 20231013

[Link To SCA](https://sca.scacheckmarx.com/#/projects/5136da46-f859-44e8-b3a4-03b35565956a/reports/f7224165-d3f7-4772-ab8f-073e25ca1db4/vulnerabilities/CVE-2022-45690%3AMaven-org.json%3Ajson-20131018/vulnerabilityDetailsGql)

[Reference – NVD link](https://nvd.nist.gov/vuln/detail/CVE-2022-45690)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CX: CVE-2022-45690 in Maven-org.json:json and 20131018 @ JavaVulnerableLab-1.refs/heads/master #68

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

CX: CVE-2022-45690 in Maven-org.json:json and 20131018 @ JavaVulnerableLab-1.refs/heads/master #68

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions