CVE-2023-1436

CVE-2023-1436 : Jettison triggers an infinite recursion when constructing a JSONArray from a Collection containing a self-reference, leading to a DoS/StackOverflow in vulnerable deployments. Connected IBM advisories tie this to IBM watsonx.data and list remediation: upgrade to watsonx.data 2.0.3 ...

CVE-2023-1436 Infinite recursion in Jettison leads to denial of service when creating a crafted JSONArray

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown...