165 matches found
openSUSE 15 Security Update : jettison (SUSE-SU-2023:1948-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1948-1 advisory. - An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This...
CVE-2023-1436
A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown...
Denial Of Service (DoS)
org.codehaus.jettison:jettison is vulnerable to Denial of Service (DoS). The vulnerability is due to an infinite loop when constructing a JSONArray from a Collection that contains a self-reference in one of its elements which leads to a StackOverflowError exception, resulting in an application cras...
json-smart Uncontrolled Recursion vulnerability
Impact: Affected versions of net.minidev:json-smart are vulnerable to Denial of Service (DoS) due to a StackOverflowError when parsing a deeply nested JSON array or object. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered tha...
Jettison vulnerable to infinite recursion
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...
CVE-2023-1436
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...
CVE-2023-1436
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...
Design/Logic Flaw
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...
CVE-2023-1436
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...
CVE-2023-1436 Infinite recursion in Jettison leads to denial of service when creating a crafted JSONArray
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...
CVE-2023-1436
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...
CVE-2023-1436
CVE-2023-1436: Jettison triggers an infinite recursion when constructing a JSONArray from a Collection containing a self-reference, leading to a DoS/StackOverflow in vulnerable deployments. Connected IBM advisories tie this to IBM watsonx.data and list remediation: upgrade to watsonx.data 2.0.3 ...
CVE-2023-1436 Infinite recursion in Jettison leads to denial of service when creating a crafted JSONArray
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...
xwiki vulnerable to Improper Handling of Exceptional Conditions
Impact: Users with write rights can insert well-formed content that is not handled well by the parser. For instance, with xwiki/2.1, inserting deeply nested group blocks .... (see the generator below to produce a large payload) can lead to the parser throwing a StackOverflowError. As a consequence...
GHSA-52VF-HVV3-98H7 xwiki vulnerable to Improper Handling of Exceptional Conditions
Impact: Users with write rights can insert well-formed content that is not handled well by the parser. For instance, with xwiki/2.1, inserting deeply nested group blocks .... (see the generator below to produce a large payload) can lead to the parser throwing a StackOverflowError. As a consequence...
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
Impact: The vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream. Patches: XStream 1.4.20 handles the stack overflow and raises an InputManipulationException instead...
Denial Of Service (DoS)
netty-codec-haproxy is vulnerable to Denial of Service (DoS). The vulnerability is due to a StackOverflowError in HAProxyMessage.java, which does not properly limit the maximum nesting of TLV, allowing an attacker to cause an application crash via infinite recursion by passing a maliciously...
GHSA-FX2C-96VJ-985V HAProxyMessageDecoder Stack Exhaustion DoS
Impact: A StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. Patches: Users should upgrade to 4.1.86.Final. Workarounds: There is no workaround, except using a custom HaProxyMessageDecoder. References: When parsing a TLV with type = PP2_TYPE_SSL, the...
HAProxyMessageDecoder Stack Exhaustion DoS
Impact: A StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. Patches: Users should upgrade to 4.1.86.Final. Workarounds: There is no workaround, except using a custom HaProxyMessageDecoder. References: When parsing a TLV with type = PP2_TYPE_SSL, the...
CVE-2022-41881
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...