Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-21653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are...

7.5CVSS7AI score0.00793EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.9 views

com.github.ghostdogpr:caliban-client_3.0.0-RC3 (=0.10.0), com.github.ghostdogpr:caliban-zio-http_3.0.0-RC3 (=0.10.0) +9 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-RC3 (=1.1.2)

org.typelevel:jawn-parser3.0.0-RC3 MAVEN version =1.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser3.0.0-RC3 and may be impacted: - com.github.ghostdogpr:caliban-client3.0.0-RC3 =0.10.0 -...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.4 views

org.typelevel:jawn-ast_0.25 (=1.0.0), org.typelevel:jawn-util_0.25 (=1.0.0) potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_0.25 (=1.0.0)

org.typelevel:jawn-parser0.25 MAVEN version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser0.25 and may be impacted: - org.typelevel:jawn-ast0.25 =1.0.0 - org.typelevel:jawn-util0.25 =1.0.0 Source cves: CVE-2022-21653...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.6 views

ch.acmesoftware:arangodb-scala-driver-circe_2.11 (=0.3.0), com.47deg:github4s-cats-effect_2.11 (=0.20.0) +322 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.11 (>=0.14.0 <=0.14.3)

org.typelevel:jawn-parser2.11 MAVEN version =0.14.0, =4.0.1, =4.0.1, =4.0.1, =0.4.0, =0.4.0, =0.4.0, =5.0.0, =4.2.0-RC1, =4.2.0-RC1, =4.4.0-RC2 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.9 views

com.busymachines:pureharm-json-circe_2.13.0-RC2 (=0.0.2-M13), io.circe:circe-jawn_2.13.0-RC2 (=0.12.0-M2) +5 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-RC2 (=0.14.2)

org.typelevel:jawn-parser2.13.0-RC2 MAVEN version =0.14.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser2.13.0-RC2 and may be impacted: - com.busymachines:pureharm-json-circe2.13.0-RC2 =0.0.2-M13 - io.circe:circe-jawn2.13.0-R...

7.5CVSS7.2AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.6 views

io.argonaut:argonaut-jawn_2.13.0-RC1 (=6.2.3), io.circe:circe-iteratee_2.13.0-RC1 (=0.13.0-M1) +8 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-RC1 (=0.14.2)

org.typelevel:jawn-parser2.13.0-RC1 MAVEN version =0.14.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser2.13.0-RC1 and may be impacted: - io.argonaut:argonaut-jawn2.13.0-RC1 =6.2.3 - io.circe:circe-iteratee2.13.0-RC1 =0.13.0-...

7.5CVSS7.2AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.6 views

com.softwaremill.sttp.client3:circe_3.0.0-RC1 (>=3.1.5 <=3.2.3), io.circe:circe-jawn_3.0.0-RC1 (=0.14.0-M4) +14 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-RC1 (>=1.1.0 <=1.1.1)

org.typelevel:jawn-parser3.0.0-RC1 MAVEN version =1.1.0, =3.1.5, =0.22.0-M4, =0.22.0-M4, =0.22.0-M4, =1.1.0, =1.1.0, =2.0.0, =1.1.0, =1.1.1 - tech.bilal:akka-http-client-circe3.0.0-RC1 =0.0.4-beta - tech.bilal:akka-http-jwt-auth3.0.0-RC1 =0.0.4-beta and more Source cves: CVE-2022-21653 Source...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.6 views

org.typelevel:jawn-ast_0.27 (>=1.0.0 <=1.0.2), org.typelevel:jawn-json4s_0.27 (>=1.0.1 <=1.0.2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_0.27 (>=1.0.0 <=1.0.2)

org.typelevel:jawn-parser0.27 MAVEN version =1.0.0, =1.0.0, =1.0.1, =1.0.1, =1.0.1, =1.0.0, =1.0.2 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.10 views

io.circe:circe-jawn_3.0.0-M3 (>=0.14.0-M2 <=0.14.0-M3), io.circe:circe-parser_3.0.0-M3 (>=0.14.0-M2 <=0.14.0-M3) +10 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-M3 (>=1.0.3 <=1.1.0)

org.typelevel:jawn-parser3.0.0-M3 MAVEN version =1.0.3, =0.14.0-M2, =0.14.0-M2, =1.0.1, =1.0.3, =2.0.0, =1.0.3, =1.1.0 - tech.bilal:akka-http-client-circe3.0.0-M3 =0.0.3-beta - tech.bilal:akka-http-jwt-auth3.0.0-M3 =0.0.3-beta - tech.bilal:akka-http-oidc-client3.0.0-M3 =0.0.3-beta Source cves:...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.7 views

org.typelevel:jawn-ast_3.0.0-M1 (>=1.0.1 <=1.0.2), org.typelevel:jawn-json4s_3.0.0-M1 (>=1.0.1 <=1.0.2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-M1 (>=1.0.1 <=1.0.2)

org.typelevel:jawn-parser3.0.0-M1 MAVEN version =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.2 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.4 views

org.http4s:jawn-fs2_3.0.0-M2 (>=1.0.1 <=1.0.1-RC3), org.typelevel:jawn-ast_3.0.0-M2 (>=1.0.2 <=1.0.3) +5 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-M2 (>=1.0.2 <=1.0.3)

org.typelevel:jawn-parser3.0.0-M2 MAVEN version =1.0.2, =1.0.1, =1.0.2, =2.0.0-RC1, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.3 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.5 views

ai.eto:rikai_2.12 (>=0.0.3 <=0.1.7), ai.mantik:bridge-protocol_2.12 (>=0.3.0 <=0.3.1-rc2) +1286 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.12 (>=0.14.0 <=1.3.1)

org.typelevel:jawn-parser2.12 MAVEN version =0.14.0, =0.0.3, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.1-rc2 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.6 views

io.argonaut:argonaut-jawn_2.13.0-RC3 (=6.2.3), org.typelevel:jawn-ast_2.13.0-RC3 (=0.14.2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-RC3 (=0.14.2)

org.typelevel:jawn-parser2.13.0-RC3 MAVEN version =0.14.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.typelevel:jawn-parser2.13.0-RC3 and may be impacted: - io.argonaut:argonaut-jawn2.13.0-RC3 =6.2.3 - org.typelevel:jawn-ast2.13.0-RC3 =0.14.2 -...

7.5CVSS7.2AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.6 views

ai.eto:rikai_2.13 (>=0.0.14 <=0.1.7), ai.mantik:bridge-protocol_2.13 (>=0.4.0 <=0.4.0-rc1) +1334 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13 (>=0.14.2 <=1.3.1)

org.typelevel:jawn-parser2.13 MAVEN version =0.14.2, =0.0.14, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0-rc1 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.2AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.11 views

org.typelevel:jawn-ast_2.11 (>=1.0.0-RC1 <=1.0.0-RC2), org.typelevel:jawn-json4s_2.11 (>=1.0.0-RC1 <=1.0.0-RC2) +3 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.11 (>=1.0.0-RC1 <=1.0.0-RC2)

org.typelevel:jawn-parser2.11 MAVEN version =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC2 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.5 views

com.github.xuwei-k:msgpack4z-jawn_2.13.0-M5 (=0.4.0), com.lihaoyi:ujson-circe_2.13.0-M5 (>=0.7.3 <=0.7.4) +25 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.13.0-M5 (>=0.14.0 <=0.14.1)

org.typelevel:jawn-parser2.13.0-M5 MAVEN version =0.14.0, =0.7.3, =2.1.0, =0.6.0, =0.11.0, =0.11.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.5.0-M2, =0.5.0-M2, =0.20.0, =0.20.0, =0.20.10 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.2AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.13 views

au.id.tmm.fetch:fetch-aws-dynamodb_3 (>=0.7.0 <=0.9.2), au.id.tmm.fetch:fetch-aws-textract_3 (>=0.2.0 <=0.9.2) +331 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3 (>=1.1.2 <=1.3.1)

org.typelevel:jawn-parser3 MAVEN version =1.1.2, =0.7.0, =0.2.0, =0.7.0, =0.2.0, =0.2.0, =0.29.0, =0.0.1, =0.0.1, =0.0-08b8c90, =0.0-08b8c90, =0.0-08b8c90, =0.1-f497734 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.5 views

com.softwaremill.sttp.client3:circe_3.0.0-RC2 (>=3.3.0-RC1 <=3.3.0-RC5), io.circe:circe-jawn_3.0.0-RC2 (=0.14.0-M5) +15 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3.0.0-RC2 (>=1.1.1 <=1.1.2)

org.typelevel:jawn-parser3.0.0-RC2 MAVEN version =1.1.1, =3.3.0-RC1, =0.9.2, =0.9.2, =0.10.0, =0.22.0-M7, =0.22.0-M7, =1.1.1, =0.0.26, =1.1.1, =1.1.1, =1.1.2 - tech.bilal:akka-http-client-circe3.0.0-RC2 =0.0.5-beta and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.1AI score0.00793EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 11:48 p.m.5 views

org.typelevel:jawn-argonaut_2.10 (>=0.14.0 <=0.14.1), org.typelevel:jawn-ast_2.10 (>=0.14.0 <=0.14.1) +6 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_2.10 (>=0.14.0 <=0.14.1)

org.typelevel:jawn-parser2.10 MAVEN version =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.1 Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...

7.5CVSS7.2AI score0.00793EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/01/06 11:48 p.m.33 views

Hash collision in typelevel jawn

Impact Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack. Most applications do not implement these traits directly, but inherit from a library: Affected implementations include: org.http...

7.5CVSS7.5AI score0.00793EPSS
Exploits1References4Affected Software18
Rows per page
Query Builder