Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.eclipse.parsson/project@1.1.1
purl pkg:maven/org.eclipse.parsson/project@1.1.1
Next non-vulnerable version 1.1.4
Latest non-vulnerable version 1.1.4
Risk 3.4
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-gckj-wdhj-wfhe
Aliases:
CVE-2023-4043
GHSA-g8p6-p27c-52fx
Eclipse Parsson Denial of Service vulnerability In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale.
1.1.4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:42:25.151407+00:00 GitLab Importer Affected by VCID-gckj-wdhj-wfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.parsson/project/CVE-2023-4043.yml 38.4.0
2026-04-12T00:01:57.499086+00:00 GitLab Importer Affected by VCID-gckj-wdhj-wfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.parsson/project/CVE-2023-4043.yml 38.3.0
2026-04-03T00:04:58.526534+00:00 GitLab Importer Affected by VCID-gckj-wdhj-wfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.parsson/project/CVE-2023-4043.yml 38.1.0