| Release | Version |
|---|---|
| bullseye | 2.4-3.1 |
| bookworm | 2.4-3.1 |
| trixie | 3.1.0+dfsg-2 |
| forky | 3.1.0+dfsg-2 |
| sid | 3.1.0+dfsg-2 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2024-47855 | vulnerable (no DSA, postponed) | vulnerable | fixed | fixed | fixed | util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalance ... |
| CVE-2023-5072 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Denial of Service in JSON-Java versions up to and including 20230618. ... |