JSON-java - 20180130 Known vulnerabilities found #322
Description
This library should be updated for most newer JSON dependencies, current version used has following issues detected
CVE-2023-5072
BDSA-2023-2760
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
CVE-2022-45688
BDSA-2022-4165
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.