123 matches found
Security Bulletin: IBM Event Processing is vulnerable to a denial of service attack (CVE-2023-51074).
Summary IBM Event Processing is vulnerable to a denial of service due to the json-path component, caused by a stack-based buffer overflow in the Criteria.parse method. It is a query language for JSON, similar to XPath for XML. It allows you to select and extract data from a JSON document...
Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 269. Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause...
CIGESv2 Information Disclosure Vulnerability
CIGESv2 is a queue and reservation management system from CIGESv2, Inc. CIGESv2 suffers from an information disclosure vulnerability that allows an attacker to access /vendor/composer/installed.json and retrieve all installed...
PT-2024-21774 · Cigesv2 · Cigesv2
Name of the Vulnerable Software and Affected Versions: CIGESv2 affected versions not specified Description: The issue concerns an information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to access the "/vendor/composer/installed.json" endpoint and retrieve all...
Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to json-path [CVE-2023-51074]
Summary The Transformation Advisor Tool in IBM App Connect Enterprise is vulnerable to a denial of service due to json-path. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of...
OESA-2024-1252 json-path security update
Java DSL for reading and testing JSON documents. Security Fixes: json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method. CVE-2023-51074...
Security Bulletin: Denial of Service vulnerability affects IBM Business Automation Workflow Event Emitters - CVE-2023-51074
Summary IBM Business Automation Workflow Event Emitters are vulnerable to a Denial of Service attack. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Criteria.parse method. By sending a speciall...
Security Bulletin: Json-path is vulnerable to CVE-2023-51074 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses json-path which is vulnerable to CVE-2023-51074. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, caused by...
json-path: stack-based buffer overflow in Criteria.parse method
A stack overflow vulnerability was found in the Criteria.parse method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service...
Denial Of Service (DoS)
json-path is vulnerable to Denial of Service (DoS). The vulnerability is due to an infinite recursion caused when a specially crafted input is passed to the Criteria.parse method, which results in a stack overflow...
CVE-2023-51074
A stack overflow vulnerability was found in the Criteria.parse method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service...
africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.apiverse:apipulse (=1.0.1) +9496 more potentially affected by CVE-2023-51074 via com.jayway.jsonpath:json-path (>=2.2.0 <=2.8.0)
com.jayway.jsonpath:json-path MAVEN version =2.2.0, =1.0.0, =0.0.2, =0.0.2, =0.0.10, =0.0.6, =1.1.0, =1.6.8, =4.1.0, =4.0.0, =3.4.0, =3.5.4-rc.0, =2.0, =2.0, =3.0 and more Source cves: CVE-2023-51074 Source advisory: OSV:GHSA-PFH2-HFMQ-PHG5...
GHSA-PFH2-HFMQ-PHG5 json-path Out-of-bounds Write vulnerability
json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...
CVE-2023-51074
json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...
Stack overflow
json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...
UBUNTU-CVE-2023-51074
json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...
Jayway JsonPath Security Vulnerability
Jayway JsonPath (json-path) is an open-source Java DSL for reading JSON documents. A security vulnerability exists in Jayway JsonPath version v2.8.0, which stems from a stack overflow vulnerability in the Criteria.parse method...