Lucene search
GitHub Advisory DatabaseGHSA-5HC5-C3M9-8VCJHistorySep 17, 2022 - 12:00 a.m.
Denial of Service via stack overflow
2022-09-1700:00:41
CWE-787
GitHub Advisory Database
github.com
10
Withdrawn
This advisory has been withdrawn because it has been found to be a duplicate. Please see the issue here for more information.
Original Despcription
Those using FasterXML/woodstox to serialise XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
This vulnerability is only relevant for users making use of the DTD parsing functionality.
| CPE | Name | Operator | Version |
|---|---|---|---|
| com.fasterxml.woodstox:woodstox-core | lt | 5.4.0 | |
| com.fasterxml.woodstox:woodstox-core | lt | 6.4.0 |
Related
redhatcve
redhatcve
CVE-2022-40155
2022-10-13 15:31:03
debiancve
debiancve
CVE-2022-40155
2022-09-16 10:15:00
ubuntucve
ubuntucve
CVE-2022-40155
2022-09-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-09-19 05:49:37
cve
cve
CVE-2022-40155
2022-09-16 10:15:00
osv
osv
Denial of Service via stack overflow
2022-09-17 00:00:41
ibm
ibm
redhat
redhat
Related for GHSA-5HC5-C3M9-8VCJ