Approved changes feed: RSS · Atom
cpe:2.3:a:eclipse_foundation:parsson:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Eclipse Foundation (2c315c48-0111-5572-bbde-cc70cfafb2e9) |
|---|---|
| Product | Parsson (a7fb557e-d89c-5880-b37f-db29167534b8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-7272 |
vulnerable | 2026-06-03 14:54:00.365290 |
Eclipse Parsson stack overflow with deeply nested objects
HIGH (8.6)
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents.
Published: 2024-07-17T15:00:20.172Z
Updated: 2024-08-02T08:57:35.165Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-4043 |
vulnerable | 2026-06-03 14:53:27.118905 |
Parsson DoS when parsing numbers from untrusted sources
MEDIUM (5.9)
In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect.
To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale.
Published: 2023-11-03T08:11:39.563Z
Updated: 2024-09-05T14:31:17.127Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.