Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service attack (CVE-2023-51074).

Summary IBM Event Endpoint Management is vulnerable to a denial of service due to json-path component, caused by a stack-based buffer overflow in the Criteria.parse method.It is a query language for JSON, similar to XPath for XML. It allows you to select and extract data from a JSON document...

Denial Of Service (DoS)

json-path is vulnerable to Denial Of Service DoS. The vulnerability is due an infinite recursion caused when a specially crafted input is passed to the Criteria.parse method which results in a stack overflow...

json-path Out-of-bounds Write vulnerability

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

GHSA-PFH2-HFMQ-PHG5 json-path Out-of-bounds Write vulnerability

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

CVE-2023-51074

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

CVE-2023-51074

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

CVE-2023-51074

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

Stack overflow

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

CVE-2023-51074

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

CVE-2023-51074

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

CVE-2023-51074

CVE-2023-51074 affects json-path v2.8.0 and involves a stack-based buffer overflow in Criteria.parse(). IBM’s Security Bulletin for IBM Rational Performance Tester lists affected products as Rational Performance Tester 9.2, 9.5, 10.0, 10.1, 10.2, and 11.0 (up to 11.0.6). A remediation is to upgra...