Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 19 Sep 2025 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Stleary
Stleary json-java |
|
CPEs | cpe:2.3:a:stleary:json-java:*:*:*:*:*:*:*:* | |
Vendors & Products |
Json-java Project
Json-java Project json-java |
Stleary
Stleary json-java |
Thu, 21 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: Google
Published:
Updated: 2025-02-13T17:19:28.975Z
Reserved: 2023-09-19T18:29:03.608Z
Link: CVE-2023-5072

Updated: 2024-08-02T07:44:53.789Z

Status : Modified
Published: 2023-10-12T17:15:10.187
Modified: 2025-09-19T18:54:20.100
Link: CVE-2023-5072


No data.