34 matches found
EUVD-2024-2228
Malicious code in bioql PyPI...
EUVD-2023-2963
Malicious code in bioql PyPI...
CVE-2023-7272
A flaw was found in Eclipse Parsson. A document containing a large depth of nested objects may allow an attacker to cause a Java stack overflow exception, potentially leading to a denial of service...
GHSA-2RWM-XV5J-777P Eclipse Parsson stack overflow when parsing deeply nested input
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents...
Eclipse Parsson stack overflow when parsing deeply nested input
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents...
ai.timefold.solver:timefold-solver-quarkus-jsonb (>=0.9.38 <=1.2.0), ai.timefold.solver:timefold-solver-quarkus-jsonb-deployment (>=0.9.38 <=1.2.0) +2527 more potentially affected by CVE-2023-7272 via org.eclipse.parsson:parsson (>=1.1.0 <=1.1.2)
org.eclipse.parsson:parsson MAVEN version =1.1.0, =0.9.38, =0.9.38, =0.9.38, =22.12.0, =22.11.0, =22.9.0, =24.7.0, =22.5.0, =22.10.0, =22.11.0, =24.7.0 and more Source cves: CVE-2023-7272 Source advisory: OSV:GHSA-2RWM-XV5J-777P...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=7.2.0 <=7.4.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=7.2.0 <=7.4.5) +407 more potentially affected by CVE-2023-7272 via org.eclipse.parsson:parsson (>=1.0.0 <=1.0.3)
org.eclipse.parsson:parsson MAVEN version =1.0.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =1.0, =0.3.8, =0.3.0, =0.2.3, =1.1.0, =1.2.0 and more Source cves: CVE-2023-7272 Source advisory: OSV:GHSA-2RWM-XV5J-777P...
CVE-2023-7272
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents...
CVE-2023-7272
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents...
CVE-2023-7272 Eclipse Parsson stack overflow with deeply nested objects
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents...
CVE-2023-7272
CVE-2023-7272 affects Eclipse Parsson prior to 1.0.4 and 1.1.3, where parsing JSON documents with a deeply nested structure can trigger a Java stack overflow and denial of service. The root cause is extremely nested object depth in JSON processing (parse/generate/transform/query). The CVSS base s...
CVE-2023-7272 Eclipse Parsson stack overflow with deeply nested objects
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents...
parsson: Denial of Service due to large number parsing
A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service (DoS) due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...
parsson: Denial of Service due to large number parsing
A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service (DoS) due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...
parsson: Denial of Service due to large number parsing
A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service (DoS) due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.0.1 (RHSA-2024:1192)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1192 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.0.1 (RHSA-2024:1193)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1193 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...
Security Bulletin: IBM Event Processing is vulnerable to a denial of service (CVE-2023-4043).
Summary: IBM Event Processing is vulnerable to a denial of service due to parsson-1.1.2.jar component. Parsson provides an implementation of Jakarta JSON Processing Specification. Vulnerability Details: CVEID: CVE-2023-4043. DESCRIPTION: Eclipse Parsson is vulnerable to a denial of service, caused by...
Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service (CVE-2023-4043).
Summary: IBM Event Endpoint Management is vulnerable to a denial of service due to parsson-1.1.2.jar component. Parsson is an implementation of Jakarta JSON Processing specification. Vulnerability Details: CVEID: CVE-2023-4043. DESCRIPTION: Eclipse Parsson is vulnerable to a denial of service, caused...
parsson: Denial of Service due to large number parsing
A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service (DoS) due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...