CVE-2022-45685

CVE-2022-45685

A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.

Published Dec 14, 2022

CVSS ScoreHigh

7.5

CVE-2022-45685

A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.

Published Dec 14, 2022

CVSS ScoreHigh

7.5

CVE ID: CVE-2022-45685
CWE: CWE-787
CVE Description: A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.
Published: Dec 14, 2022
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.250%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: org/codehaus/jettison/json/JSONObject.<init>(Ljava/util/Map;)V
JVMVulnerable params: 0
org/codehaus/jettison/json/JSONTokener.newJSONArray()Lorg/codehaus/jettison/json/JSONArray;
JVM
org/codehaus/jettison/json/JSONTokener.newJSONObject()Lorg/codehaus/jettison/json/JSONObject;
JVM
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · ReleaseEVIDENCE
GitHub · Issue #54PROJECT

CVE ID: CVE-2022-45685
CWE: CWE-787
CVE Description: A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.
Published: Dec 14, 2022
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.250%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: org/codehaus/jettison/json/JSONObject.<init>(Ljava/util/Map;)V
JVMVulnerable params: 0
org/codehaus/jettison/json/JSONTokener.newJSONArray()Lorg/codehaus/jettison/json/JSONArray;
JVM
org/codehaus/jettison/json/JSONTokener.newJSONObject()Lorg/codehaus/jettison/json/JSONObject;
JVM
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · ReleaseEVIDENCE
GitHub · Issue #54PROJECT

Find vulnerabilities. Fix fast with AI.