Description
Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of many JSON object fields (with keys that have the same hash code).
Remediation
References
https://github.com/spray/spray-json/issues/277
Related Vulnerabilities
CVE-2023-30519 Vulnerability in maven package org.jenkins-ci.plugins:quayio-trigger
CVE-2022-36903 Vulnerability in maven package org.jenkins-ci.plugins:repository-connector
CVE-2010-1622 Vulnerability in maven package org.springframework:spring
CVE-2022-40152 Vulnerability in maven package com.fasterxml.woodstox:woodstox-core
CVE-2022-31147 Vulnerability in maven package org.webjars:jquery-validation