PT-2024-15264 · Eclipse · Eclipse Parsson

Parsson

Published

2024-07-17

Updated

2026-03-17

CVE-2023-7272

CVSS v4.0

9.2

Critical

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Name of the Vulnerable Software and Affected Versions Eclipse Parsson versions prior to 1.0.4 Eclipse Parsson versions prior to 1.1.3

Description A document with a large depth of nested objects can cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing JSON documents, including parsing, generating, transforming, and querying.

Recommendations For Eclipse Parsson versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue. For Eclipse Parsson versions prior to 1.1.3, update to version 1.1.3 or later to resolve the issue.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2023-7272

GHSA-2RWM-XV5J-777P

Affected Products

Eclipse Parsson

PT-2024-15264 · Eclipse · Eclipse Parsson

CVE-2023-7272

Weakness Enumeration

Related Identifiers

Affected Products

References · 11