Description
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
Remediation
References
https://github.com/dromara/hutool/issues/2748
https://github.com/stleary/JSON-java/issues/708
Related Vulnerabilities
CVE-2023-38286 Vulnerability in maven package org.thymeleaf:thymeleaf
CVE-2022-43416 Vulnerability in maven package org.jenkins-ci.plugins:katalon
CVE-2022-24999 Vulnerability in maven package org.webjars:qs
CVE-2022-44729 Vulnerability in maven package org.apache.xmlgraphics:batik-transcoder
CVE-2020-15256 Vulnerability in maven package org.webjars.npm:object-path