René's URL Explorer Experiment

Title: CVE-2022-45688 (High) detected in json-20160212.jar · Issue #9 · turkdevops/browserstack-local-java · GitHub

Open Graph Title: CVE-2022-45688 (High) detected in json-20160212.jar · Issue #9 · turkdevops/browserstack-local-java

X Title: CVE-2022-45688 (High) detected in json-20160212.jar · Issue #9 · turkdevops/browserstack-local-java

Description: CVE-2022-45688 - High Severity Vulnerability Vulnerable Library - json-20160212.jar JSON is a light-weight, language independent, data interchange format. See http://www.JSON.org/ The files in this package implement JSON encoders/decoder...

Open Graph Description: CVE-2022-45688 - High Severity Vulnerability Vulnerable Library - json-20160212.jar JSON is a light-weight, language independent, data interchange format. See http://www.JSON.org/ The files in this...

X Description: CVE-2022-45688 - High Severity Vulnerability Vulnerable Library - json-20160212.jar JSON is a light-weight, language independent, data interchange format. See http://www.JSON.org/ The files in this...

Opengraph URL: https://github.com/turkdevops/browserstack-local-java/issues/9

X: @github

direct link

Domain: patch-diff.githubusercontent.com

Hey, it has json ld scripts:

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"CVE-2022-45688 (High) detected in json-20160212.jar","articleBody":"## CVE-2022-45688 - High Severity Vulnerability\n\u003cdetails\u003e\u003csummary\u003e\u003cimg src='https://whitesource-resources.whitesourcesoftware.com/vulnerability_details.png' width=19 height=20\u003e Vulnerable Library - \u003cb\u003ejson-20160212.jar\u003c/b\u003e\u003c/p\u003e\u003c/summary\u003e\n\n\u003cp\u003eJSON is a light-weight, language independent, data interchange format.\n\t\tSee http://www.JSON.org/\n\n\t\tThe files in this package implement JSON encoders/decoders in Java.\n\t\tIt also includes the capability to convert between JSON and XML, HTTP\n\t\theaders, Cookies, and CDL.\n\n\t\tThis is a reference implementation. There is a large number of JSON packages\n\t\tin Java. Perhaps someday the Java community will standardize on one. Until\n\t\tthen, choose carefully.\n\n\t\tThe license includes this restriction: \"The software shall be used for good,\n\t\tnot evil.\" If your conscience cannot live with that, then choose a different\n\t\tpackage.\u003c/p\u003e\n\u003cp\u003eLibrary home page: \u003ca href=\"https://github.com/douglascrockford/JSON-java\"\u003ehttps://github.com/douglascrockford/JSON-java\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ePath to dependency file: /pom.xml\u003c/p\u003e\n\u003cp\u003ePath to vulnerable library: /canner/.m2/repository/org/json/json/20160212/json-20160212.jar\u003c/p\u003e\n\u003cp\u003e\n\nDependency Hierarchy:\n  - :x: **json-20160212.jar** (Vulnerable Library)\n\u003cp\u003eFound in base branch: \u003cb\u003emaster\u003c/b\u003e\u003c/p\u003e\n\u003c/p\u003e\n\u003c/details\u003e\n\u003cp\u003e\u003c/p\u003e\n\u003cdetails\u003e\u003csummary\u003e\u003cimg src='https://whitesource-resources.whitesourcesoftware.com/high_vul.png?' width=19 height=20\u003e Vulnerability Details\u003c/summary\u003e\n\u003cp\u003e  \n  \nA stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.\n\n\u003cp\u003ePublish Date: 2022-12-13\n\u003cp\u003eURL: \u003ca href=https://www.mend.io/vulnerability-database/CVE-2022-45688\u003eCVE-2022-45688\u003c/a\u003e\u003c/p\u003e\n\u003c/p\u003e\n\u003c/details\u003e\n\u003cp\u003e\u003c/p\u003e\n\u003cdetails\u003e\u003csummary\u003e\u003cimg src='https://whitesource-resources.whitesourcesoftware.com/cvss3.png' width=19 height=20\u003e CVSS 3 Score Details (\u003cb\u003e7.5\u003c/b\u003e)\u003c/summary\u003e\n\u003cp\u003e\n\nBase Score Metrics:\n- Exploitability Metrics:\n  - Attack Vector: Network\n  - Attack Complexity: Low\n  - Privileges Required: None\n  - User Interaction: None\n  - Scope: Unchanged\n- Impact Metrics:\n  - Confidentiality Impact: None\n  - Integrity Impact: None\n  - Availability Impact: High\n\u003c/p\u003e\nFor more information on CVSS3 Scores, click \u003ca href=\"https://www.first.org/cvss/calculator/3.0\"\u003ehere\u003c/a\u003e.\n\u003c/p\u003e\n\u003c/details\u003e\n\u003cp\u003e\u003c/p\u003e\n\u003cdetails\u003e\u003csummary\u003e\u003cimg src='https://whitesource-resources.whitesourcesoftware.com/suggested_fix.png' width=19 height=20\u003e Suggested Fix\u003c/summary\u003e\n\u003cp\u003e\n\n\u003cp\u003eType: Upgrade version\u003c/p\u003e\n\u003cp\u003eOrigin: \u003ca href=\"https://github.com/advisories/GHSA-3vqj-43w4-2q58\"\u003ehttps://github.com/advisories/GHSA-3vqj-43w4-2q58\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eRelease Date: 2022-12-13\u003c/p\u003e\n\u003cp\u003eFix Resolution: 20230227\u003c/p\u003e\n\n\u003c/p\u003e\n\u003c/details\u003e\n\u003cp\u003e\u003c/p\u003e\n\n***\nStep up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)","author":{"url":"https://github.com/mend-bolt-for-github[bot]","@type":"Person","name":"mend-bolt-for-github[bot]"},"datePublished":"2023-05-02T01:15:37.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/9/browserstack-local-java/issues/9"}

route-pattern	/_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format)
route-controller	voltron_issues_fragments
route-action	issue_layout
fetch-nonce	v2:db876fec-c166-e1d6-6b12-bdb806b03aba
current-catalog-service-hash	81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114
request-id	CCD4:37DD1D:58D9C96:78A7351:697330B5
html-safe-nonce	57787c932ab9628f52547c2f215f805e81f1e01dccf98a84d875fb857bf6792b
visitor-payload	eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJDQ0Q0OjM3REQxRDo1OEQ5Qzk2Ojc4QTczNTE6Njk3MzMwQjUiLCJ2aXNpdG9yX2lkIjoiNzA1NjAwNzg1ODg4OTEwOTY4NSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmac	9a7e7a514874d33893c20bf42e5823a3a3e350865e5473b6440772fdf7f9e6dc
hovercard-subject-tag	issue:1691638607
github-keyboard-shortcuts	repository,issues,copilot
google-site-verification	Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-url	https://collector.github.com/github/collect
analytics-location	///voltron/issues_fragments/issue_layout
fb:app_id	1401488693436528
apple-itunes-app	app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/turkdevops/browserstack-local-java/9/issue_layout
twitter:image	https://opengraph.githubassets.com/76acfe2bc5a4616b453987f9fa4db72a76c089ed79c1ba6b63e74576ef63b7cb/turkdevops/browserstack-local-java/issues/9
twitter:card	summary_large_image
og:image	https://opengraph.githubassets.com/76acfe2bc5a4616b453987f9fa4db72a76c089ed79c1ba6b63e74576ef63b7cb/turkdevops/browserstack-local-java/issues/9
og:image:alt	CVE-2022-45688 - High Severity Vulnerability Vulnerable Library - json-20160212.jar JSON is a light-weight, language independent, data interchange format. See http://www.JSON.org/ The files in this...
og:image:width	1200
og:image:height	600
og:site_name	GitHub
og:type	object
og:author:username	mend-bolt-for-github[bot]
hostname	github.com
expected-hostname	github.com
None	44ab3188c1dcfe3be0f9c3feca2e04e14fb79f120939ce2395e4f15ab96ec1d4
turbo-cache-control	no-preview
go-import	github.com/turkdevops/browserstack-local-java git https://github.com/turkdevops/browserstack-local-java.git
octolytics-dimension-user_id	67343988
octolytics-dimension-user_login	turkdevops
octolytics-dimension-repository_id	380028467
octolytics-dimension-repository_nwo	turkdevops/browserstack-local-java
octolytics-dimension-repository_public	true
octolytics-dimension-repository_is_fork	true
octolytics-dimension-repository_parent_id	51923142
octolytics-dimension-repository_parent_nwo	browserstack/browserstack-local-java
octolytics-dimension-repository_network_root_id	51923142
octolytics-dimension-repository_network_root_nwo	browserstack/browserstack-local-java
turbo-body-classes	logged-out env-production page-responsive
disable-turbo	false
browser-stats-url	https://api.github.com/_private/browser/stats
browser-errors-url	https://api.github.com/_private/browser/errors
release	a5e2b48bd1260476599758f5d253b5d24092ab84
ui-target	full
theme-color	#1e2327
color-scheme	light dark

Links:

Skip to content	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/issues/9#start-of-content
	https://patch-diff.githubusercontent.com/
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fturkdevops%2Fbrowserstack-local-java%2Fissues%2F9
GitHub CopilotWrite better code with AI	https://github.com/features/copilot
GitHub SparkBuild and deploy intelligent apps	https://github.com/features/spark
GitHub ModelsManage and compare prompts	https://github.com/features/models
MCP RegistryNewIntegrate external tools	https://github.com/mcp
ActionsAutomate any workflow	https://github.com/features/actions
CodespacesInstant dev environments	https://github.com/features/codespaces
IssuesPlan and track work	https://github.com/features/issues
Code ReviewManage code changes	https://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilities	https://github.com/security/advanced-security
Code securitySecure your code as you build	https://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they start	https://github.com/security/advanced-security/secret-protection
Why GitHub	https://github.com/why-github
Documentation	https://docs.github.com
Blog	https://github.blog
Changelog	https://github.blog/changelog
Marketplace	https://github.com/marketplace
View all features	https://github.com/features
Enterprises	https://github.com/enterprise
Small and medium teams	https://github.com/team
Startups	https://github.com/enterprise/startups
Nonprofits	https://github.com/solutions/industry/nonprofits
App Modernization	https://github.com/solutions/use-case/app-modernization
DevSecOps	https://github.com/solutions/use-case/devsecops
DevOps	https://github.com/solutions/use-case/devops
CI/CD	https://github.com/solutions/use-case/ci-cd
View all use cases	https://github.com/solutions/use-case
Healthcare	https://github.com/solutions/industry/healthcare
Financial services	https://github.com/solutions/industry/financial-services
Manufacturing	https://github.com/solutions/industry/manufacturing
Government	https://github.com/solutions/industry/government
View all industries	https://github.com/solutions/industry
View all solutions	https://github.com/solutions
AI	https://github.com/resources/articles?topic=ai
Software Development	https://github.com/resources/articles?topic=software-development
DevOps	https://github.com/resources/articles?topic=devops
Security	https://github.com/resources/articles?topic=security
View all topics	https://github.com/resources/articles
Customer stories	https://github.com/customer-stories
Events & webinars	https://github.com/resources/events
Ebooks & reports	https://github.com/resources/whitepapers
Business insights	https://github.com/solutions/executive-insights
GitHub Skills	https://skills.github.com
Documentation	https://docs.github.com
Customer support	https://support.github.com
Community forum	https://github.com/orgs/community/discussions
Trust center	https://github.com/trust-center
Partners	https://github.com/partners
GitHub SponsorsFund open source developers	https://github.com/sponsors
Security Lab	https://securitylab.github.com
Maintainer Community	https://maintainers.github.com
Accelerator	https://github.com/accelerator
Archive Program	https://archiveprogram.github.com
Topics	https://github.com/topics
Trending	https://github.com/trending
Collections	https://github.com/collections
Enterprise platformAI-powered developer platform	https://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security features	https://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI features	https://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 support	https://github.com/premium-support
Pricing	https://github.com/pricing
Search syntax tips	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentation	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fturkdevops%2Fbrowserstack-local-java%2Fissues%2F9
Sign up	https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fissues_fragments%2Fissue_layout&source=header-repo&source_repo=turkdevops%2Fbrowserstack-local-java
Reload	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/issues/9
Reload	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/issues/9
Reload	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/issues/9
turkdevops	https://patch-diff.githubusercontent.com/turkdevops
browserstack-local-java	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java
browserstack/browserstack-local-java	https://patch-diff.githubusercontent.com/browserstack/browserstack-local-java
Notifications	https://patch-diff.githubusercontent.com/login?return_to=%2Fturkdevops%2Fbrowserstack-local-java
Fork 0	https://patch-diff.githubusercontent.com/login?return_to=%2Fturkdevops%2Fbrowserstack-local-java
Star 1	https://patch-diff.githubusercontent.com/login?return_to=%2Fturkdevops%2Fbrowserstack-local-java
Code	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java
Issues 3	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/issues
Pull requests 1	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/pulls
Discussions	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/discussions
Actions	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/actions
Projects 0	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/projects
Security 0	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/security
Insights	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/pulse
Code	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java
Issues	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/issues
Pull requests	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/pulls
Discussions	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/discussions
Actions	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/actions
Projects	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/projects
Security	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/security
Insights	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/pulse
New issue	https://patch-diff.githubusercontent.com/login?return_to=https://github.com/turkdevops/browserstack-local-java/issues/9
New issue	https://patch-diff.githubusercontent.com/login?return_to=https://github.com/turkdevops/browserstack-local-java/issues/9
CVE-2022-45688 (High) detected in json-20160212.jar	https://patch-diff.githubusercontent.com/turkdevops/browserstack-local-java/issues/9#top
Mend: dependency security vulnerabilitySecurity vulnerability detected by WhiteSource	https://github.com/turkdevops/browserstack-local-java/issues?q=state%3Aopen%20label%3A%22Mend%3A%20dependency%20security%20vulnerability%22
	https://github.com/apps/mend-bolt-for-github
	https://github.com/apps/mend-bolt-for-github
mend-bolt-for-github	https://github.com/apps/mend-bolt-for-github
on May 2, 2023	https://github.com/turkdevops/browserstack-local-java/issues/9#issue-1691638607
CVE-2022-45688	https://github.com/advisories/GHSA-3vqj-43w4-2q58
	https://camo.githubusercontent.com/7f707ecbb163ab74b555da5daea2f4e73596a00ea0f498a511bb2245fe6dcafc/68747470733a2f2f7768697465736f757263652d7265736f75726365732e7768697465736f75726365736f6674776172652e636f6d2f76756c6e65726162696c6974795f64657461696c732e706e67
https://github.com/douglascrockford/JSON-java	https://github.com/douglascrockford/JSON-java
	https://camo.githubusercontent.com/125e841b4013c3a9f2667448284833b87559a0832236e9cab64aefb6210078ab/68747470733a2f2f7768697465736f757263652d7265736f75726365732e7768697465736f75726365736f6674776172652e636f6d2f686967685f76756c2e706e673f
CVE-2022-45688	https://www.mend.io/vulnerability-database/CVE-2022-45688
	https://camo.githubusercontent.com/8b05d7d0c83d5dc1f3422d1e4497c6a700365c61fc1dd1e3769cd369cdeb63a5/68747470733a2f2f7768697465736f757263652d7265736f75726365732e7768697465736f75726365736f6674776172652e636f6d2f63767373332e706e67
here	https://www.first.org/cvss/calculator/3.0
	https://camo.githubusercontent.com/a06e014122a02d3958748cbca226e8fc721aaef2a61d9ec4be1c79248702fdd7/68747470733a2f2f7768697465736f757263652d7265736f75726365732e7768697465736f75726365736f6674776172652e636f6d2f7375676765737465645f6669782e706e67
GHSA-3vqj-43w4-2q58	https://github.com/advisories/GHSA-3vqj-43w4-2q58
here	https://www.whitesourcesoftware.com/full_solution_bolt_github
Mend: dependency security vulnerabilitySecurity vulnerability detected by WhiteSource	https://github.com/turkdevops/browserstack-local-java/issues?q=state%3Aopen%20label%3A%22Mend%3A%20dependency%20security%20vulnerability%22
	https://github.com
Terms	https://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacy	https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Security	https://github.com/security
Status	https://www.githubstatus.com/
Community	https://github.community/
Docs	https://docs.github.com/
Contact	https://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.