An issue was discovered flexjson thru 3.3 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
https://sourceforge.net/p/flexjson/bugs/51/
https://sourceforge.net/p/flexjson/bugs/50/