CVE-2024-21634

A vulnerability was found in Amazon Ion, an implementation of Ion data notation. Ion-java may be affected by denial of service DoS due to issues while deserializing encoded data into IonValue. A maliciously crafted Ion data structure may be processed and cause a StackOverflowError, leaving the...

DoS (Denial of Service) software.amazon.ion:ion-java Dependency in Bitbucket Data Center and Server

This High severity software.amazon.ion:ion-java Dependency vulnerability was introduced in versions 7.21.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0-eap01, 8.15.0, 8.16.0, 8.17.0, and 8.18.0 of Bitbucket Data Center and Server...

CVE-2024-21634 Ion Java StackOverflow vulnerability

Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in ion-java for applications that use ion-java to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the IonValue model and then...