exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2022-21653

около 4 лет назад

Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. For users unable to upgrade override `objectContext()` to use a collision-safe collection.

CVSS3: 5.9

EPSS: Низкий

CVE-2022-21653

около 4 лет назад

Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. For users unable to upgrade override `objectContext()` to use a collision-safe collection.

CVSS3: 5.9

EPSS: Низкий

CVE-2022-21653

около 4 лет назад

Jawn is an open source JSON parser. Extenders of the `org.typelevel.ja ...

CVSS3: 5.9

EPSS: Низкий

openSUSE-SU-2022:0106-1

около 4 лет назад

Security update for jawn

EPSS: Низкий

openSUSE-SU-2022:0011-1

около 4 лет назад

Security update for jawn

EPSS: Низкий

GHSA-vc89-hccf-rq55

около 4 лет назад

Hash collision in typelevel jawn

CVSS3: 5.9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-21653 Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. For users unable to upgrade override `objectContext()` to use a collision-safe collection.	CVSS3: 5.9	0% Низкий	около 4 лет назад
CVE-2022-21653 Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. For users unable to upgrade override `objectContext()` to use a collision-safe collection.	CVSS3: 5.9	0% Низкий	около 4 лет назад
CVE-2022-21653 Jawn is an open source JSON parser. Extenders of the `org.typelevel.ja ...	CVSS3: 5.9	0% Низкий	около 4 лет назад
openSUSE-SU-2022:0106-1 Security update for jawn		0% Низкий	около 4 лет назад
openSUSE-SU-2022:0011-1 Security update for jawn		0% Низкий	около 4 лет назад
GHSA-vc89-hccf-rq55 Hash collision in typelevel jawn	CVSS3: 5.9	0% Низкий	около 4 лет назад

Уязвимостей на страницу