org.codehaus.jettison:jettison (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.codehaus.jettison:jettison, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2022-45685 — CVSS 7.5 (high): A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.
CVE-2022-45693 — CVSS 7.5 (high): Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a…
CVE-2022-40149 — CVSS 6.5 (medium): Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on…
CVE-2022-40150 — CVSS 6.5 (medium): Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on…
CVE-2023-1436 — CVSS 5.9 (medium): An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its…