CVE-2023-4043
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 3, 2023
Updated: Nov 13, 2023
CWE ID 834
CWE ID 20
Summary
CVE-2023-4043 is a vulnerability affecting Eclipse Parsson versions 1.1.4 and 1.0.5. Malicious JSON inputs from untrusted sources can exploit edge cases in Java's built-in number parsing, leading to unexpectedly large processing times. This issue can cause performance degradation and enable denial-of-service attacks. To mitigate the risk, Eclipse Parsson implemented size limits for numbers and their scales.
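The kind of guard the summary describes, as an added example that is not Eclipse Parsson's code: the number token's length is bounded before `BigDecimal` parses it, and the scale is bounded before the value is expanded to a `BigInteger`. The class name, method names and both limit values are illustrative assumptions.

```java
import java.math.BigDecimal;
import java.math.BigInteger;

public class BoundedJsonNumber {
    // Illustrative limits (assumptions, not values taken from the page).
    static final int MAX_TOKEN_LENGTH = 1100;
    static final int MAX_SCALE = 100_000;

    /** Parses a JSON number token, rejecting oversized input before costly work. */
    static BigDecimal parse(String token) {
        // Bound the character count first: BigDecimal(String) cost grows with length.
        if (token.length() > MAX_TOKEN_LENGTH) {
            throw new IllegalArgumentException("number token too long: " + token.length());
        }
        return new BigDecimal(token); // NumberFormatException on malformed input
    }

    /** Converts to BigInteger only when the scale is within bounds. */
    static BigInteger toBigInteger(BigDecimal value) {
        // A short token with a large exponent parses cheaply but carries a huge
        // negative scale; expanding it would materialize every implied digit.
        int scale = value.scale();
        if (scale > MAX_SCALE || scale < -MAX_SCALE) {
            throw new IllegalArgumentException("scale out of range: " + scale);
        }
        return value.toBigInteger();
    }

    public static void main(String[] args) {
        // Constructed sample tokens: ordinary, large exponent, very long digit run.
        String[] samples = {"12345.678", "1e400000", "9".repeat(5000)};
        for (String s : samples) {
            String label = s.length() > 20 ? s.substring(0, 20) + "..." : s;
            try {
                System.out.println(label + " -> " + toBigInteger(parse(s)));
            } catch (IllegalArgumentException e) {
                // NumberFormatException is a subclass, so malformed tokens land here too.
                System.out.println(label + " rejected: " + e.getMessage());
            }
        }
    }
}
```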
Affected Products
- Eclipse Parsson