How severe is CVE-2023-5072?

CVE-2023-5072 has a CVSS v3 score of 7.5 (HIGH).

CVE-2023-5072

Name: json-java
Author: stleary

7.5HIGH

Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.

Опубликовано: 10/12/2023Обновлено: 9/19/2025

Описание

Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.

ИИ-АнализНа базе ИИ

Затронутые продукты

stlearyjson-java

Ссылки

http://www.openwall.com/lists/oss-security/2023/12/13/4
https://github.com/stleary/JSON-java/issues/758
Issue Tracking
https://github.com/stleary/JSON-java/issues/771
ExploitIssue Tracking
https://security.netapp.com/advisory/ntap-20240621-0007/
http://www.openwall.com/lists/oss-security/2023/12/13/4
https://github.com/stleary/JSON-java/issues/758
Issue Tracking
https://github.com/stleary/JSON-java/issues/771
ExploitIssue Tracking
https://security.netapp.com/advisory/ntap-20240621-0007/