CX: CVE-2022-45688 in Maven-org.json:json and 20131018 @ JavaVulnerableLab.master

**Description**

A stack overflow in the "XML.toJSONObject" component of hutool-json  allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data. This vulnerability also affects "org.json:json" package versions prior to 20230227.

**HIGH Vulnerable Package** issue exists @ **org.json:json** in branch **master**

**Vulnerability ID:** CVE-2022-45688

**Package Name:** org.json:json

**Severity:** HIGH

**CVSS Score:** 7.5

**Publish Date:** 2022-12-13T15:15:00

**Current Package Version:** 20131018

**Remediation Upgrade Recommendation:** 20230227

[Link To SCA](https://sca.checkmarx.net/#/projects/d4f2d825-1fb5-49e7-ad6d-fd24d7e6ccd2/reports/2765eccf-f943-43c0-9650-1b1a2e5dbecc/vulnerabilities/CVE-2022-45688%3AMaven-org.json%3Ajson-20131018/vulnerabilityDetailsGql)

[Reference – NVD link](https://nvd.nist.gov/vuln/detail/CVE-2022-45688)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CX: CVE-2022-45688 in Maven-org.json:json and 20131018 @ JavaVulnerableLab.master #169

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

CX: CVE-2022-45688 in Maven-org.json:json and 20131018 @ JavaVulnerableLab.master #169

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions