19 matches found
CVE-2022-45685
creationtimestamp| type| source ---|---|--- 2025-04-22 04:03:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12798...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.6 for Spring Boot security update.
Red Hat build of Apache Camel 3.20.6 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
Security Bulletin: IBM Sterling B2B Integrator EBICs client affected by multiple issues due to Jettison
Summary IBM Sterling B2B Integrator uses Jettison in its EBICs client. Vulnerability Details CVEID:CVE-2023-1436 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its...
Security Bulletin: Jettison component is vulnerable to CVE-2022-45685 and CVE-2022-45693 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses Jettison package which is vulnerable to CVE-2022-45685 and CVE-2022-45693. Vulnerability Details CVEID:CVE-2022-45685 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending an overly long string usi...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : Jettison vulnerabilities (USN-6177-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6177-1 advisory. It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked int...
Amazon Linux 2 : jettison (ALAS-2023-2086)
The version of jettison installed on the remote host is prior to 1.3.3-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2086 advisory. 2024-02-01: CVE-2022-40150 was added to this advisory. Those using Jettison to parse untrusted XML or JSON data may be...
Huawei EulerOS: Security Advisory for jettison (EulerOS-SA-2023-2151)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : jettison (EulerOS-SA-2023-2151)
According to the versions of the jettison package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data. CVE-2022-45685 - Jettison...
K000134496: Jettison vulnerability CVE-2022-45685
Security Advisory Description A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data. CVE-2022-45685 Impact System performance degradation can occur until the process is forced to restart. This vulnerability allows an attacker to cause a...
Security Bulletin: Vulnerability in Jettison affects IBM Process Mining . CVE-2022-45685 + CVE-2022-45693
Summary There is a vulnerability in Jettison that could allow a remote attacker to cause a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-45685 DESCRIPTION: Jettison...
Security Bulletin: IBM UrbanCode Deploy (UCD) is vulnerable to denial of service due to Jettison-json (CVE-2022-45693, CVE-2022-45685)
Summary Jettison-json is used by IBM UrbanCode Deploy UCD for parsing JSON data. A remote authenticated user may cause high memory usage by sending a request containing specially crafted JSON data. CVE-2022-45693, CVE-2022-45685 Vulnerability Details CVEID:CVE-2022-45693 DESCRIPTION: Jettison is...
Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities
Summary IBM Data Risk Manager IDRM 2.0.6.15, which is the only supported version, is impacted by multiple vulnerabilities. The vulnerabilities have been addressed in the updated version of IDRM 2.0.6.16. Please see the remediation steps below to apply the fix. All customers are encouraged to act...
Debian DSA-5312-1 : libjettison-java - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5312 advisory. - Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an...
Debian dla-3259 : libjettison-java - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3259 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3259-1 [email protected]...
ae.teletronics.nlp:entityextraction (=1.3), ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3) +9241 more potentially affected by CVE-2022-45685 via org.codehaus.jettison:jettison (>=1.0 <=1.5.1)
org.codehaus.jettison:jettison MAVEN version =1.0, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.10 and more Source cves: CVE-2022-45685 Source advisory: OSV:GHSA-7RF3-MQPX-H7XG...
CVE-2022-45685
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data...
CVE-2022-45685
CVE-2022-45685 affects the jettison library (libjettison-java) used in Java-based JSON parsing. The root cause is a stack overflow when parsing crafted JSON data, leading to Denial of Service (DoS). The NVD/CVE entries rate CVSS v3.1 at 7.5 (HIGH) with network access and no user interaction. Publ...
CVE-2022-45685
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data...
CVE-2022-45685
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data...