63 matches found
OSV-2026-609 Security exception in com.github.javaparser.ast.NodeList.forEach
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504814677 Crash type: Security exception Crash state: com.github.javaparser.ast.NodeList.forEach com.github.javaparser.ast.visitor.VoidVisitorAdapter.visit...
Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to JSON-Java
Summary IBM webMethods BPM uses JSON-Java for reading and parsing of JSON data. Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION: Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts...
MiracleLinux 4 : xerces-j2-2.7.1-12.6.AXS4 (AXSA:2013-718:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-718:01 advisory. The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition DTD defines the legal syntax and also...
EUVD-2020-0517
Malware in sbrugna...
EUVD-2022-3018
Malicious code in bioql PyPI...
OSV-2025-255 Security exception in com.github.javaparser.GeneratedJavaParser.Expression
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=407817254 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/java.lang.String.equals com.github.javaparser.utils.LineSeparator.lookup...
PT-2025-16186 · Git +1 · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The software is susceptible to a security exception triggered during the parsing of Java expressions. The crash state involves com.github.javaparser.GeneratedJavaParser.Expression,...
OSV-2025-239 Security exception in com.github.javaparser.GeneratedJavaParser.Expression
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=406331578 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/java.lang.StringLatin1.regionMatchesCI java.base/java.lang.String.regionMatches...
Amazon Linux 2 : xerces-j2 (ALAS-2024-2649)
The version of xerces-j2 installed on the remote host is prior to 2.11.0-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2649 advisory. Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted...
Medium: xerces-j2
Issue Overview: Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted message to an XML service, which triggers hash table collisions. CVE-2012-0881 There's a vulnerability within the Apache Xerces Java XercesJ XML parser when...
Medium: xerces-j2
Issue Overview: Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted message to an XML service, which triggers hash table collisions. CVE-2012-0881 There's a vulnerability within the Apache Xerces Java XercesJ XML parser when...
PT-2024-40839 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter class. The crash occurs in the insertComments function, which is part of the JavaParser library. The error is also...
PT-2024-40827 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: A security exception crash has been reported. The crash involves the com.github.javaparser.GeneratedJavaParser.Expression and java.base/java.lang.StringUTF16.compress functions, as well as the...
PT-2024-40787 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter class. The crash occurs in the insertComments function, which is part of the JavaParser library. The error is also...
PT-2024-40780 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: A security exception crash has been reported. The crash involves the insertComments function in com.github.javaparser.CommentsInserter, and the equals methods in...
OSV-2024-445 Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68730 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.lang.String.charAt java.base/sun.invoke.util.Wrapper.hashPrim...
PT-2024-40688 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the JavaParser library. A crash occurs due to a security exception, with the crash state involving the TreeVisitorValidator.accept and...
PT-2024-40676 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: A security exception occurs due to an issue in the TreeVisitorValidator.accept and FieldAccessExpr.getMetaModel functions. Recommendations: At the moment, there is no information about a...
PT-2024-40659 · Unknown · Generatedjavaparser
Name of the Vulnerable Software and Affected Versions: GeneratedJavaParser affected versions not specified Description: A security exception crash has been reported. The crash involves the com.github.javaparser.GeneratedJavaParser.Expression class, the java.base/java.lang.String.startsWith method...
PT-2024-40642 · Oracle · Java.Base
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the com.github.javaparser.GeneratedJavaParser.Expression class and methods within...