
Yuan Tian

#44502 of 53,638
5.9 Total CVSS
Vulnerabilities · 1
PT-2023-27449
5.9
2023-11-03
Eclipse · Eclipse Parsson · CVE-2023-4043
**Name of the Vulnerable Software and Affected Versions**

Eclipse Parsson versions prior to 1.1.4
Eclipse Parsson versions prior to 1.0.5

**Description**

Parsing JSON from untrusted sources can lead to exploitation due to edge cases in Java's built-in support for parsing numbers with large scales, resulting in unexpectedly large processing times.

**Recommendations**

For Eclipse Parsson versions prior to 1.1.4, update to version 1.1.4 or later to mitigate the risk.
For Eclipse Parsson versions prior to 1.0.5, update to version 1.0.5 or later to mitigate the risk.