github-actions[bot]
commented
3 years ago Issue still exists.
Open github-actions[bot] opened 3 years ago
github-actions[bot]
commented
3 years ago Issue still exists.
Description
The package
JSON-javabefore 20171018 is vulnerable to Denial Of Service attack. The functionunescape()used in multiple java files, unescapes a given XML string twice, causing the application to crash, due to StringIndexOutOfBoundsException.HIGH Vulnerable Package issue exists @ org.json:json in branch ${basename
Vulnerability ID: Cx2906ba70-607a
Package Name: org.json:json
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2017-08-18T09:31:00
Current Package Version: 20131018
Remediation Upgrade Recommendation: 20200518
Link To SCA