11 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-33546
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on...
openSUSE: Security Advisory for janino (SUSE-SU-2023:3385-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : janino (SUSE-SU-2023:3385-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:3385-1 advisory. janino was upgraded to version 3.1.10: - CVE-2023-33546: Fixed DoS due to missing error handling bsc1211923. Tenable has extracted the preceding description...
Medium: janino
Issue Overview: janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. CVE-2023-3354...
SUSE CVE-2023-33546
Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...
CVE-2023-33546
creationtimestamp| type| source ---|---|--- 2023-06-01 16:30:15+00:00| seen| https://t.me/cibsecurity/64849...
CVE-2023-33546
Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...
CVE-2023-33546
Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...
CVE-2023-33546
Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...
CVE-2023-33546
CVE-2023-33546 affects Janino 3.1.9 and earlier, where the expression evaluator.guess parameter name method can trigger a denial-of-service via stack overflow if parsing user-supplied input. Documented impact is a DoS condition (parser crash) with local attack context; vendor/discussion notes tha...
CVE-2023-33546
Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...