Lucene search

CVE-2022-40151

🗓️ 16 Sep 2022 10:09:15Reported by GoogleType

osv🔗 osv.dev👁 30 Views

Xstream XML serialization vulnerability for DOS attack

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 57
IBM Security Bulletins	Security Bulletin: FileNet Content Manager (FNCM) FileNet Content Search Services (CSS) ThoughtWorks XStream security vulnerabilities, affected, not vulnerable	27 Jun 202318:54	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in XStream library affects IBM Engineering Test Management (ETM) (CVE-2022-40151)	29 Sep 202311:47	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in XStream affects IBM Process Mining . CVE-2022-40151	5 May 202314:36	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Protect Client and IBM Storage Protect for Space Management are vulnerable to denial of service due to CVEs in XStream (woodstox) (CVE-2022-40151, CVE-2022-40152)	15 Nov 202313:42	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Content Navigator is vulnerable to a Denial of Service attack due to Xstream (CVE-2022-40151, CVE-2022-40152, CVE-2022-40153)	6 Dec 202223:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Content Navigator may affect IBM Business Automation Workflow	23 Mar 202322:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Protect for Virtual Environments is vulnerable to arbitrary code execution, sensitive information disclosure, and denial of service due to CVEs in Apache Velocity, Apache Jena, and XStream (woodstox)	17 Nov 202323:49	–	ibm
IBM Security Bulletins	Security Bulletin: Due to the use of XStream, IBM Tivoli Netcool Configuration Manager is vulnerable to Denial of Service (DoS) attacks	27 Jan 202313:51	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in XStream	2 May 202320:33	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to a denial of service attack due to FasterXML Woodstox	30 Apr 202321:15	–	ibm

Source	Link
bugs	www.bugs.chromium.org/p/oss-fuzz/issues/detail
github	www.github.com/x-stream/xstream/issues/304
security-tracker	www.security-tracker.debian.org/tracker/CVE-2022-40151

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Sep 2022 10:15Current

9.1High risk

Vulners AI Score9.1

CVSS36.5 - 7.5

EPSS0.00197

SSVC