Lucene search
K

433 matches found

RedHat Linux
RedHat Linux
added 2023/03/01 10:2 p.m.7 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.9 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.8 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.3 views

SUSE CVE-2006-1173

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and migh...

5CVSS6.8AI score0.05078EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:41 a.m.4 views

SUSE CVE-2017-12962

There are memory leaks in LibSass 3.4.5 triggered by deeply nested code, such as code with a long sequence of open parenthesis characters, leading to a remote denial of service attack...

7.5CVSS7.1AI score0.01225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.6 views

SUSE CVE-2022-30635

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures...

5.5CVSS7.8AI score0.01403EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.3 views

SUSE CVE-2022-42004

In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization...

7.5CVSS6.5AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/02/09 11:35 a.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/01/31 1:18 p.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/01/31 1:15 p.m.6 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/01/31 1:15 p.m.4 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/01/31 1:12 p.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/01/26 12:14 p.m.6 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/01/26 9:42 a.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/01/24 12:51 p.m.3 views

golang: go/parser: stack exhaustion in all Parse* functions

A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability...

5.5CVSS6.6AI score0.00863EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.2 views

PT-2023-18761 · Pandora · Pandora

Name of the Vulnerable Software and Affected Versions: Pandora aka pandora-analysis/pandora version 1.3.0 Description: The issue allows a denial of service when an attacker submits a deeply nested ZIP archive, also known as a ZIP bomb. This can be exploited through the workers/extractor.py...

6.5CVSS6.7AI score0.00617EPSS
Exploits0References8
OSV
OSV
added 2022/12/22 8:15 p.m.2 views

DEBIAN-CVE-2022-29909

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

8.8CVSS8.4AI score0.00848EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/12/15 12:39 p.m.52 views

Important: Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.4 security update

An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...

9.8CVSS7.2AI score0.99615EPSS
Exploits10References6
RedHat Linux
RedHat Linux
added 2022/12/15 12:39 p.m.7 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/12/14 1:15 p.m.9 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
Rows per page
Query Builder