Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/06 12:0 a.m.5 views

Atlassian Jira Service Management Data Center and Server 5.12.0 < 5.12.29 (JSDSERVER-16465)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16465 advisory. - Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This...

7.5CVSS7AI score0.01395EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/19 7:21 p.m.33 views

Security Bulletin: IBM Sterling B2B Integrator EBICs client affected by multiple issues due to Jettison

Summary IBM Sterling B2B Integrator uses Jettison in its EBICs client. Vulnerability Details CVEID:CVE-2023-1436 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its...

7.5CVSS7.1AI score0.01395EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/06 5:51 p.m.48 views

Security Bulletin: Jettison component is vulnerable to CVE-2022-45685 and CVE-2022-45693 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Jettison package which is vulnerable to CVE-2022-45685 and CVE-2022-45693. Vulnerability Details CVEID:CVE-2022-45685 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending an overly long string usi...

7.5CVSS7.6AI score0.01395EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/06/19 12:0 a.m.56 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : Jettison vulnerabilities (USN-6177-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6177-1 advisory. It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked int...

7.5CVSS7.1AI score0.01395EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.25 views

Amazon Linux 2 : jettison (ALAS-2023-2086)

The version of jettison installed on the remote host is prior to 1.3.3-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2086 advisory. 2024-02-01: CVE-2022-40150 was added to this advisory. Those using Jettison to parse untrusted XML or JSON data may be...

7.5CVSS7.1AI score0.01395EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2023/06/09 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for jettison (EulerOS-SA-2023-2151)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.7AI score0.01395EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2023/06/09 12:0 a.m.29 views

EulerOS 2.0 SP5 : jettison (EulerOS-SA-2023-2151)

According to the versions of the jettison package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data. CVE-2022-45685 - Jettison...

7.5CVSS7AI score0.01395EPSS
Exploits2References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/05 2:39 p.m.34 views

Security Bulletin: Vulnerability in Jettison affects IBM Process Mining . CVE-2022-45685 + CVE-2022-45693

Summary There is a vulnerability in Jettison that could allow a remote attacker to cause a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-45685 DESCRIPTION: Jettison...

7.5CVSS7.7AI score0.01395EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/30 7:17 p.m.58 views

Security Bulletin: IBM UrbanCode Deploy (UCD) is vulnerable to denial of service due to Jettison-json (CVE-2022-45693, CVE-2022-45685)

Summary Jettison-json is used by IBM UrbanCode Deploy UCD for parsing JSON data. A remote authenticated user may cause high memory usage by sending a request containing specially crafted JSON data. CVE-2022-45693, CVE-2022-45685 Vulnerability Details CVEID:CVE-2022-45693 DESCRIPTION: Jettison is...

7.5CVSS7.7AI score0.01395EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/15 3:13 p.m.85 views

Security Bulletin: Multiple Vulnerabilities (CVE-2022-45693, CVE-2022-4568) affects CICS Transaction Gateway for Multiplatforms.

Summary Multiple Vulnerabilities CVE-2022-45693, CVE-2022-4568 affects CICS Transaction Gateway for Multiplatforms. This fix resolves these vulnerabilities. Please note: PSIRT fixes for CICS Transaction Gateway for Multiplatforms 9.0 will be provided only for extended support customers with reque...

7.8CVSS7.4AI score0.01395EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/07 3:26 a.m.77 views

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

Summary IBM Data Risk Manager IDRM 2.0.6.15, which is the only supported version, is impacted by multiple vulnerabilities. The vulnerabilities have been addressed in the updated version of IDRM 2.0.6.16. Please see the remediation steps below to apply the fix. All customers are encouraged to act...

9.8CVSS9.4AI score0.95302EPSS
Exploits21Affected Software1
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.39 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8

New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.8AI score0.99615EPSS
Exploits42References32
RedHat Linux
RedHat Linux
added 2023/01/30 5:12 p.m.52 views

Important: Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.14.5 Patch 1 release and security update

A patch is now available for Camel for Spring Boot 3.14.5. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS bas...

9.8CVSS6.8AI score0.0193EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.44 views

Debian DSA-5312-1 : libjettison-java - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5312 advisory. - Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an...

7.5CVSS7.1AI score0.01395EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2023/01/02 12:0 a.m.67 views

Debian dla-3259 : libjettison-java - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3259 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3259-1 [email protected]...

7.5CVSS7.1AI score0.01395EPSS
Exploits2References8
RedhatCVE
RedhatCVE
added 2022/12/23 5:5 a.m.42 views

CVE-2022-45693

A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service...

7.5CVSS4.3AI score0.01395EPSS
Exploits1References3
Circl
Circl
added 2022/12/13 6:22 p.m.6 views

CVE-2022-45693

creationtimestamp| type| source ---|---|--- 2022-12-13 18:22:05+00:00| seen| https://t.me/cibsecurity/54416...

7.5CVSS6.3AI score0.01395EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/12/13 3:30 p.m.6 views

ae.teletronics.nlp:entityextraction (=1.3), ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3) +9241 more potentially affected by CVE-2022-45693 via org.codehaus.jettison:jettison (>=1.0 <=1.5.1)

org.codehaus.jettison:jettison MAVEN version =1.0, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.10 and more Source cves: CVE-2022-45693 Source advisory: OSV:GHSA-GRR4-WV38-F68W...

7.5CVSS6.5AI score0.01395EPSS
Exploits1
OSV
OSV
added 2022/12/13 3:15 p.m.1 views

DEBIAN-CVE-2022-45693

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...

7.5CVSS6.3AI score0.01395EPSS
Exploits1References1
CVE
CVE
added 2022/12/13 12:0 a.m.342 views

CVE-2022-45693

CVE-2022-45693 affects the Jettison library (libjettison-java) prior to version 1.5.2. The issue is a stack overflow triggered by the map parameter in Jettison, enabling a Denial of Service via a crafted string. Connected sources indicate affected projects and packages (Debian libjettison-java fi...

7.5CVSS7.3AI score0.01395EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder