Linux Distros Unpatched Vulnerability : CVE-2022-21653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are...

CVE-2022-21653

Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...

OPENSUSE-SU-2024:11718-1 jawn-ast-0.14.1-2.1 on GA media

These are all security issues fixed in the jawn-ast-0.14.1-2.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2022-21653

Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...

com.storm-enroute:scalameter_2.12.0-RC1 (>=0.8 <=0.8.1), com.typesafe.akka:akka-http-spray-json-experimental_2.12.0-RC1 (>=2.4.10 <=2.4.11) +1 more potentially affected by CVE-2018-18855 via io.spray:spray-json_2.12.0-RC1 (=1.3.2)

io.spray:spray-json2.12.0-RC1 MAVEN version =1.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on io.spray:spray-json2.12.0-RC1 and may be impacted: - com.storm-enroute:scalameter2.12.0-RC1 =0.8, =2.4.10, =2.4.11 - org.spire-math:jawn-spray2.12.0-RC1...

Security update for jaw (moderate)

openSUSE Security Update: Security update for jaw Announcement ID: openSUSE-SU-2022:0045-1 Rating: moderate References: 1194358 Cross-References: CVE-2022-21653 CVSS scores: CVE-2022-21653 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP2 An...

OPENSUSE-SU-2022:0045-1 Security update for jaw

jawn was updated to fix: CVE-2022-21653: DoS caused by a hash collision in SimpleFacade and MutableFacade bsc1194358...

OPENSUSE-SU-2022:0106-1 Security update for jawn

This update for jawn fixes the following issues: - CVE-2022-21653: Fixed DoS caused by a hash collision in SimpleFacade and MutableFacade bsc1194358...

openSUSE 15 Security Update : jawn (openSUSE-SU-2022:0011-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0011-1 advisory. - Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override...

OPENSUSE-SU-2022:0011-1 Security update for jawn

This update for jawn fixes the following issues: CVE-2022-21653: DoS caused by a hash collision in SimpleFacade and MutableFacade boo1194358...

Security update for jawn (moderate)

openSUSE Security Update: Security update for jawn Announcement ID: openSUSE-SU-2022:0011-1 Rating: moderate References: 1194358 Cross-References: CVE-2022-21653 Affected Products: openSUSE Backports SLE-15-SP3 An update that fixes one vulnerability is now available. Description: This update for...

org.typelevel:jawn-ast_0.27 (>=1.0.0 <=1.0.2), org.typelevel:jawn-json4s_0.27 (>=1.0.1 <=1.0.2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_0.27 (>=1.0.0 <=1.0.2)

org.typelevel:jawn-parser0.27 MAVEN version =1.0.0, =1.0.0, =1.0.1, =1.0.1, =1.0.1, =1.0.0, =1.0.2 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

org.typelevel:jawn-argonaut_2.10 (>=0.14.0 <=0.14.1), org.typelevel:jawn-ast_2.10 (>=0.14.0 <=0.14.1) +6 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.10 (>=0.14.0 <=0.14.1)

org.typelevel:jawn-parser2.10 MAVEN version =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.1 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

org.typelevel:jawn-ast_3.0.0-M1 (>=1.0.1 <=1.0.2), org.typelevel:jawn-json4s_3.0.0-M1 (>=1.0.1 <=1.0.2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-M1 (>=1.0.1 <=1.0.2)

org.typelevel:jawn-parser3.0.0-M1 MAVEN version =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.2 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

ai.eto:rikai_2.12 (>=0.0.3 <=0.1.7), ai.mantik:bridge-protocol_2.12 (>=0.3.0 <=0.3.1-rc2) +1285 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.12 (>=0.14.0 <=1.3.1)

org.typelevel:jawn-parser2.12 MAVEN version =0.14.0, =0.0.3, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.1-rc2 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

org.typelevel:jawn-ast_0.25 (=1.0.0), org.typelevel:jawn-util_0.25 (=1.0.0) potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_0.25 (=1.0.0)

org.typelevel:jawn-parser0.25 MAVEN version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser0.25 and may be impacted: - org.typelevel:jawn-ast0.25 =1.0.0 - org.typelevel:jawn-util0.25 =1.0.0 Source cves: CVE-2022-21653...

com.github.xuwei-k:msgpack4z-jawn_2.13.0-M5 (=0.4.0), com.lihaoyi:ujson-circe_2.13.0-M5 (>=0.7.3 <=0.7.4) +25 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-M5 (>=0.14.0 <=0.14.1)

org.typelevel:jawn-parser2.13.0-M5 MAVEN version =0.14.0, =0.7.3, =2.1.0, =0.6.0, =0.11.0, =0.11.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.5.0-M2, =0.5.0-M2, =0.20.0, =0.20.0, =0.20.10 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

com.busymachines:pureharm-json-circe_2.13.0-RC2 (=0.0.2-M13), io.circe:circe-jawn_2.13.0-RC2 (=0.12.0-M2) +5 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-RC2 (=0.14.2)

org.typelevel:jawn-parser2.13.0-RC2 MAVEN version =0.14.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser2.13.0-RC2 and may be impacted: - com.busymachines:pureharm-json-circe2.13.0-RC2 =0.0.2-M13 - io.circe:circe-jawn2.13.0-R...

io.argonaut:argonaut-jawn_2.13.0-RC3 (=6.2.3), org.typelevel:jawn-ast_2.13.0-RC3 (=0.14.2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-RC3 (=0.14.2)

org.typelevel:jawn-parser2.13.0-RC3 MAVEN version =0.14.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser2.13.0-RC3 and may be impacted: - io.argonaut:argonaut-jawn2.13.0-RC3 =6.2.3 - org.typelevel:jawn-ast2.13.0-RC3 =0.14.2 -...

com.softwaremill.sttp.client3:circe_3.0.0-RC2 (>=3.3.0-RC1 <=3.3.0-RC5), io.circe:circe-jawn_3.0.0-RC2 (=0.14.0-M5) +15 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-RC2 (>=1.1.1 <=1.1.2)

org.typelevel:jawn-parser3.0.0-RC2 MAVEN version =1.1.1, =3.3.0-RC1, =0.9.2, =0.9.2, =0.10.0, =0.22.0-M7, =0.22.0-M7, =1.1.1, =0.0.26, =1.1.1, =1.1.1, =1.1.2 - tech.bilal:akka-http-client-circe3.0.0-RC2 =0.0.5-beta and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...