exploitDog

CVE-2023-1436

Published: 22 Mar. 2023
Source: debian

Description

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

Packages

| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| libjettison-java | fixed | 1.5.4-1 | | package |
| libjettison-java | no-dsa | | bookworm | package |
| libjettison-java | no-dsa | | bullseye | package |
| libjettison-java | postponed | | buster | package |

Notes

  • https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/

  • https://github.com/jettison-json/jettison/issues/60

  • https://github.com/jettison-json/jettison/pull/62

  • https://github.com/jettison-json/jettison/commit/c20a8be23f698d7d89b7ccf8d328971cf4709b9f (jettison-1.5.4)

  • Introduced by: https://github.com/jettison-json/jettison/commit/be193159085b9fc2bc3526f8655871f9b0472d06 (jettison-1.3.1)

Related vulnerabilities

CVSS3: 5.9
ubuntu
almost 3 years ago

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

CVSS3: 7.5
redhat
almost 3 years ago

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

CVSS3: 5.9
nvd
almost 3 years ago

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

suse-cvrf
almost 3 years ago

Security update for jettison

CVSS3: 7.5
github
almost 3 years ago

Jettison vulnerable to infinite recursion