| Release | Version |
|---|---|
| bullseye | 2.4-3.1 |
| bookworm | 2.4-3.1 |
| trixie | 3.1.0+dfsg-2 |
| sid | 3.1.0+dfsg-2 |
| Bug | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|
| CVE-2024-47855 | vulnerable (no DSA, postponed) | vulnerable | fixed | fixed | util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalance ... |
| CVE-2023-5072 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Denial of Service in JSON-Java versions up to and including 20230618. ... |