org.apache.sling.commons.json is vulnerable to Improper Input Validation. The vulnerability exists because the library does not properly validate user inputs, which allows an attacker to trigger unexpected errors by supplying maliciously crafted input.
CVE
2022-47937
CVSS score
9.3
Vulnerability present in version/s
2.0.2-incubator-2.0.20
Found library version/s
2.0.4-incubator
Vulnerability fixed in version
Library latest version
2.0.20
Fix
The maintainer no longer supports this package. It is recommended to use alternative packages
Veracode Software Composition Analysis
Links: