Vulnerabilities > Eclipse > Parsson > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-4043 Excessive Iteration vulnerability in Eclipse Parsson
In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale.
network
low complexity
eclipse CWE-834
7.5