21 matches found
CVE-2022-21653
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
openSUSE: Security Advisory for jawn (openSUSE-SU-2022:0106-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : jawn (openSUSE-SU-2022:0106-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0106-1 advisory. - Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override...
Security update for jawn (important)
openSUSE Security Update: Security update for jawn Announcement ID: openSUSE-SU-2022:0106-1 Rating: important References: 1194358 Cross-References: CVE-2022-21653 CVSS scores: CVE-2022-21653 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 An update tha...
openSUSE 15 Security Update : jawn (openSUSE-SU-2022:0011-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0011-1 advisory. - Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override...
OPENSUSE-SU-2022:0011-1 Security update for jawn
This update for jawn fixes the following issues: CVE-2022-21653: DoS caused by a hash collision in SimpleFacade and MutableFacade boo1194358...
Security update for jawn (moderate)
openSUSE Security Update: Security update for jawn Announcement ID: openSUSE-SU-2022:0011-1 Rating: moderate References: 1194358 Cross-References: CVE-2022-21653 Affected Products: openSUSE Backports SLE-15-SP3 An update that fixes one vulnerability is now available. Description: This update for...
ch.acmesoftware:arangodb-scala-driver-circe_2.11 (=0.3.0), com.47deg:github4s-cats-effect_2.11 (=0.20.0) +322 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.11 (>=0.14.0 <=0.14.3)
org.typelevel:jawn-parser2.11 MAVEN version =0.14.0, =4.0.1, =4.0.1, =4.0.1, =0.4.0, =0.4.0, =0.4.0, =5.0.0, =4.2.0-RC1, =4.2.0-RC1, =4.4.0-RC2 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...
com.busymachines:pureharm-json-circe_2.13.0-RC2 (=0.0.2-M13), io.circe:circe-jawn_2.13.0-RC2 (=0.12.0-M2) +5 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-RC2 (=0.14.2)
org.typelevel:jawn-parser2.13.0-RC2 MAVEN version =0.14.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser2.13.0-RC2 and may be impacted: - com.busymachines:pureharm-json-circe2.13.0-RC2 =0.0.2-M13 - io.circe:circe-jawn2.13.0-R...
io.argonaut:argonaut-jawn_2.13.0-RC1 (=6.2.3), io.circe:circe-iteratee_2.13.0-RC1 (=0.13.0-M1) +8 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-RC1 (=0.14.2)
org.typelevel:jawn-parser2.13.0-RC1 MAVEN version =0.14.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser2.13.0-RC1 and may be impacted: - io.argonaut:argonaut-jawn2.13.0-RC1 =6.2.3 - io.circe:circe-iteratee2.13.0-RC1 =0.13.0-...
org.typelevel:jawn-ast_3.0.0-M1 (>=1.0.1 <=1.0.2), org.typelevel:jawn-json4s_3.0.0-M1 (>=1.0.1 <=1.0.2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-M1 (>=1.0.1 <=1.0.2)
org.typelevel:jawn-parser3.0.0-M1 MAVEN version =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.2 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...
ai.eto:rikai_2.13 (>=0.0.14 <=0.1.7), ai.mantik:bridge-protocol_2.13 (>=0.4.0 <=0.4.0-rc1) +1334 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13 (>=0.14.2 <=1.3.1)
org.typelevel:jawn-parser2.13 MAVEN version =0.14.2, =0.0.14, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0-rc1 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...
org.typelevel:jawn-ast_2.11 (>=1.0.0-RC1 <=1.0.0-RC2), org.typelevel:jawn-json4s_2.11 (>=1.0.0-RC1 <=1.0.0-RC2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.11 (>=1.0.0-RC1 <=1.0.0-RC2)
org.typelevel:jawn-parser2.11 MAVEN version =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC2 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...
au.id.tmm.fetch:fetch-aws-dynamodb_3 (>=0.7.0 <=0.9.2), au.id.tmm.fetch:fetch-aws-textract_3 (>=0.2.0 <=0.9.2) +331 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3 (>=1.1.2 <=1.3.1)
org.typelevel:jawn-parser3 MAVEN version =1.1.2, =0.7.0, =0.2.0, =0.7.0, =0.2.0, =0.2.0, =0.29.0, =0.0.1, =0.0.1, =0.0-08b8c90, =0.0-08b8c90, =0.0-08b8c90, =0.1-f497734 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...
CVE-2022-21653
creationtimestamp| type| source ---|---|--- 2022-01-06 00:40:25+00:00| seen| https://t.me/cibsecurity/35014 2025-04-22 19:03:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12949...
CVE-2022-21653
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653 Hash collision in typelevel jawn
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653 Hash collision in typelevel jawn
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...
CVE-2022-21653
Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...