Search for packages
| purl | pkg:maven/org.eclipse.parsson/parsson@1.0.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-gckj-wdhj-wfhe | Eclipse Parsson Denial of Service vulnerability In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale. |
CVE-2023-4043
GHSA-g8p6-p27c-52fx |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T22:42:28.775382+00:00 | GitLab Importer | Fixing | VCID-gckj-wdhj-wfhe | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.parsson/parsson/CVE-2023-4043.yml | 38.4.0 |
| 2026-04-12T00:02:00.243135+00:00 | GitLab Importer | Fixing | VCID-gckj-wdhj-wfhe | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.parsson/parsson/CVE-2023-4043.yml | 38.3.0 |
| 2026-04-03T00:05:01.452106+00:00 | GitLab Importer | Fixing | VCID-gckj-wdhj-wfhe | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.parsson/parsson/CVE-2023-4043.yml | 38.1.0 |
| 2026-04-01T12:52:04.244739+00:00 | GitLab Importer | Fixing | VCID-gckj-wdhj-wfhe | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.parsson/parsson/CVE-2023-4043.yml | 38.0.0 |