A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Thu, 25 Sep 2025 12:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Stleary
Stleary json-java |
|
CPEs | cpe:2.3:a:stleary:json-java:*:*:*:*:*:*:*:* | |
Vendors & Products |
Stleary
Stleary json-java |
Fri, 12 Sep 2025 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:hutool:hutool:*:*:*:*:*:*:*:* |
Tue, 22 Apr 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-04-22T15:00:11.454Z
Reserved: 2022-11-21T00:00:00.000Z
Link: CVE-2022-45690

Updated: 2024-08-03T14:17:04.028Z

Status : Analyzed
Published: 2022-12-13T15:15:11.387
Modified: 2025-09-25T12:42:19.910
Link: CVE-2022-45690

No data.

No data.