25 matches found
Security Bulletin: Rational Performance Tester contains a vulnerability which could result in a denial of service
Summary Due to the use of the json-path library, Rational Performance Tester contains a vulnerability which could results in a potential denial of service attack. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path v2.8.0 was discovered to contain a stack overflow via the...
Linux Distros Unpatched Vulnerability : CVE-2023-51074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method. CVE-2023-51074 Note that Nessus relies on the presence of the package...
Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to the json-path component (CVE-2023-51074).
Summary IBM Event Streams is vulnerable to a denial of service attack due to the json-path component. JSON-Path is a query language for JSON, similar to XPath for XML. It allows us to select and extract data from a JSON document. we use a JSON-Path expression to traverse the path to an element in...
Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnearble to denial of service due to json-path (CVE-2023-51074)
Summary B2B API of IBM Sterling B2B Integrator is vulnearble to denial of service due to json-path CVE-2023-51074. IBM Sterling B2B Integrator has remediated this vulnerabilty; Follow steps identified in Remediation/Fixes section to address vulnerability in your environment. Vulnerability Details...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update
Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel security update
Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
Security Bulletin: IBM Event Processing is vulnerable to a denial of service attack (CVE-2023-51074).
Summary IBM Event Processing is vulnerable to a denial of service due to json-path component , caused by a stack-based buffer overflow in the Criteria.parse method. It is a query language for JSON, similar to XPath for XML. It allows you to select and extract data from a JSON document...
Security Bulletin: IBM Datapower Operations Dashboard could be vulnerable to a denial of service CVE-2023-51074
Summary json-path is used by the IBM Datapower Operations Dashboard to query JSON documents. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Criteria.parse method. By sending a specially crafted...
Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 269. Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause...
Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to json-path [CVE-2023-51074]
Summary The Transformation Advisor Tool in IBM App Connect Enterprise is vulnerable to a denial of service due to json-path. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of...
OESA-2024-1252 json-path security update
Java DSL for reading and testing JSON documents. Security Fixes: json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method.CVE-2023-51074...
Security Bulletin: Denial of Service vulnerability affect IBM Business Automation Workflow Event Emitters - CVE-2023-51074
Summary IBM Business Automation Workflow Event Emitters are vulnerable to a Denial of Service attack. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Criteria.parse method. By sending a speciall...
Security Bulletin: Json-path is vulnerable to CVE-2023-51074 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses json-path which is vulnerable to CVE-2023-51074. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by...
Moderate: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.5 release and security update
Red Hat Integration Camel for Spring Boot 3.20.5 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 release (RHBQ 3.2.10.Final)
An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available updates to RHBQ 3.2.10.Final. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Security Bulletin: IBM Asset Data Dictionary Component uses json-path-2.6.0.jar which is vulnerable to CVE-2023-51074.
Summary IBM Asset Data Dictionary Component uses json-path-2.6.0.jar which is vulnerable to CVE-2023-51074. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, cause...
CVE-2023-51074
A stack overflow vulnerability was found in the Criteria.parse method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service...
africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.apiverse:apipulse (=1.0.1) +9501 more potentially affected by CVE-2023-51074 via com.jayway.jsonpath:json-path (>=2.2.0 <=2.8.0)
com.jayway.jsonpath:json-path MAVEN version =2.2.0, =1.0.0, =0.0.2, =0.0.2, =0.0.10, =0.0.6, =1.1.0, =1.6.8, =4.1.0, =4.0.0, =3.4.0, =3.5.4-rc.0, =2.0, =2.0, =3.0 and more Source cves: CVE-2023-51074 Source advisory: OSV:GHSA-PFH2-HFMQ-PHG5...
CVE-2023-51074 vulnerabilities
Vulnerabilities for packages: solr, hadoop-fips, trino...
CVE-2023-51074 vulnerabilities
Vulnerabilities for packages: trino, solr...