7 matches found
Security Bulletin: Content Manager Enterprise Edition for March 2024 - CVE-2023-3894
Summary Content Manager Enterprise Edition is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-389...
SUSE CVE-2023-3894
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
com.arassec.igor:igor-spring-boot-starter (>=0.6.7 <=0.6.8), com.arassec.igor:igor-standalone (>=0.6.7 <=0.6.8) +211 more potentially affected by CVE-2023-3894 via com.fasterxml.jackson.dataformat:jackson-dataformat-toml (>=2.12.3 <=2.14.2)
com.fasterxml.jackson.dataformat:jackson-dataformat-toml MAVEN version =2.12.3, =0.6.7, =0.6.7, =0.6.7, =0.0.1, =0.18.3, =0.18.3, =0.18.3, =0.18.3, =0.18.3, =0.18.3, =2023.2, =1.1.6, =3.0.0-snapshot.20240126.12648.0.va9dc2d63, =3.0.0-snapshot.20240126.12648.0.va9dc2d63,...
CVE-2023-3894
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVE-2023-3894 DOS in jackson-dataformats-text
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVE-2023-3894
CVE-2023-3894 affects FasterXML jackson-dataformats-text when parsing TOML, enabling potential DoS via stack overflow. IBM Cloud Pak System products list this CVE among vulnerabilities and recommend upgrading to Cloud Pak System 2.3.3.7 (Interim Fix 1) for general 2.3.x, or to Cloud Pak System 2....
CVE-2023-3894 DOS in jackson-dataformats-text
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...